Require password for only a single directory

Is it possible to require a password to view a single directory while leaving the rest fully viewable?

You can use gocryptfs to encrypt/decrypt a folder, if that's what you're after: https://nuetzlich.net/gocryptfs/. Then if you need to view or use the contents of the folder, you can decrypt it. mount it at a specified (hopefully secure/safe) location, then unmount it when you're finished.

3 Likes

Thanks. Do I download a binary?

The instructions for installation and use are available on the website, see the 'Quick Start' guide. On Ubuntu MATE it should be as easy as opening a terminal (Ctrl + Alt + T) and typing: sudo apt install gocryptfs.

2 Likes

I looked at it. It looks like a CLI type program.

Do you think it would be easier to compress the files in a encrypted tar file and then extract the files when needed in the same directory and then remove the files at a later time?

If someone could help me, I could start writing a script.

Take care,
Andy

If you mean that you prefer a GUI, then you could build cryptor available at https://github.com/moson-mo/cryptor. This would involve familiarity with using git and meson (e.g. see meson's Quickstart Guide). If you're not familiar with these tools and don't want to spend time learning their basic usage, then you'll have to wait for someone else to provide a better option. You could use gocryptfs on the command line in the meantime.

1 Like

I use 7zip which compresses the file, which you can password protect and has the option to encrypt the file list. You can also split the file into multiple volumes. I find that much easier and efficient than actual encryption.

4 Likes

I'd second the gocryptfs suggestion, it also has the advantage that it can transparently work on top of any remote syncing service too, and be easy to backup too. I'd choose this if you're going to be working with the files often, like in a folder.

If you were writing a script, a simple GUI addition is to use zenity to show a password dialog box, and pipe that to gocryptfs:

# Create a folder to mount the files
mkdir /tmp/decrypted

# Show prompt for password, and decrypt
# Assumes an "Encrypted" folder in your Documents folder.
zenity --title "Decrypt Folder" --password | gocryptfs ~/Documents/Encrypted /tmp/decrypted

# Open Caja file browser on success (0), otherwise show error
if [ $? == 0 ]; then
    caja /tmp/decrypted
else
    zenity --error --text "Incorrect password"
fi

I believe it should appear like a mounted drive.

Then, to use the folder, either create a launcher and place it on your desktop/panel. Or leave the script in the folder where the encrypted files rest to double click.

The encrypted tar/7-Zip suggestion is a good alternate if it's something to archive and store away for a long time. I'd say a caveat is a single archive file is more likely to get corrupt.

5 Likes