# Encrypting a folder

## dragonuv

Hi,

I'm interesting in encrypting a folder in my local HD, I was thinking about an encrypted loopback device I mount each time I want to access its contents but the disadvantage is that I have a backup server at my house and if I had not unmounted the device it could copy its contents into the server.

I was looking for a more successful method, I would be grateful if someone could offer a decent method.

Thanks  :Smile: 

----------

## dE_logics

Autounmount every few hours automatically?

----------

## dragonuv

That's a risk I can't afford. what if I mount the second the backup server decides to backup my computer?

----------

## Hu

Configure your backup not to cross mount points.  That way, if it runs while the device is mounted, it will at most copy the owner/permissions of the mount point, but none of the contents.  If you hide the mount inside an area that is normally not archived, such as a temporary directory, you can avoid even that problem.

----------

## toralf

 *Hu wrote:*   

> Configure your backup not to cross mount points.

 Even simpler (But I assume not possible) you could try to exclude the mount point/directory.

----------

## dragonuv

 *Hu wrote:*   

> Configure your backup not to cross mount points. 

 

good idea, how is it done?

----------

## chithanh

I suggest to use ecryptfs, and make your backup script only copy the crypted files subdirectory.

----------

## dragonuv

 *chithanh wrote:*   

> I suggest to use ecryptfs, and make your backup script only copy the crypted files subdirectory.

 

please explain? how is ecryptfs better than a loopback device? and how do i make my backup script do that?

----------

## Hu

 *dragonuv wrote:*   

> good idea, how is it done?

 That depends on what tool is collecting the list of files to archive.  You have not told us yet how you pick which files are in and which are out.  If you are using find ... -print0 | tar --null -T - ..., then add -xdev to your find.  If you are letting tar pick files, add --one-file-system.  If you are using some other mechanism, please describe it.

----------

## dragonuv

Actually I have not decided yet how the backup system will work. probably a bash script that will copy the content of the whole filesystem to a local folder. I just didn't want the script to include entries of folders that should't be copied

----------

