~ # cat /etc/fstab rootfs / rootfs defaults,errors=remount-ro,noatime 0 0 /dev/mmcblk0p3 /enc_home ext4 rw,noatime,errors=remount-ro,barrier=1 0 0 /dev/mmcblk0p1 /home/user/MyDocs vfat noauto,nodev,noexec,nosuid,noatime,nodiratime,utf8,uid=29999,shortname=mixed,dmask=000,fmask=0133,rodir 0 0 ubi0:var /var ubifs noauto,no_chk_data_crc,bulk_read
~ # ~ # /usr/bin/encfs --public /enc_home /home Creating new encrypted volume. Please choose from one of the following options: enter "x" for expert configuration mode, enter "p" for pre-configured paranoia mode, anything else, or an empty line will select standard mode. ?> Standard configuration selected. Configuration finished. The filesystem to be created has the following properties: Filesystem cipher: "ssl/aes", version 3:0:2 Filename encoding: "nameio/block", version 3:0:1 Key Size: 192 bits Block Size: 1024 bytes Each file contains 8 byte header with unique IV data. Filenames encoded using IV chaining mode. File holes passed through to ciphertext. Now you will need to enter a password for your filesystem. You will need to remember this password, as there is absolutely no recovery mechanism. However, the password can be changed later using encfsctl. New Encfs Password: Verify Encfs Password: ~ # ~ # mount | grep enc encfs on /home type fuse.encfs (rw,nosuid,nodev,relatime,user_id=0,group_id=0,default_permissions,allow_other) ~ #