belerofon/ Januar 26, 2019/ Betriebssysteme, Netzwerk

Two-Steps are required:

1.) Add S3 via S3FS (unencrypted)
2.) Mount an encrypted container in the S3-Mountpoint via EncFS

1.) Mount S3 via S3FS (unencrypted)

Install Required Packabes

sudo apt-get install build-essential libcurl4-openssl-dev libxml2-dev mime-support sudo apt-get install automake autotools-dev g++ git libcurl4-gnutls-dev libfuse-dev libssl-dev libxml2-dev make pkg-config

Download and Compile Fuse

Current Version: https://github.com/libfuse/libfuse/releases

git clone https://github.com/libfuse/libfuse.git cd libfuse ./configure –prefix=/usr/local make && make install export PKG_CONFIG_PATH=/usr/local/lib/pkgconfig ldconfig modprobe fuse

Download and Compile s3fs

git clone https://github.com/s3fs-fuse/s3fs-fuse.git cd s3fs-fuse ./autogen.sh ./configure make && make install

Setup Access Key

echo AWS_ACCESS_KEY_ID:AWS_SECRET_ACCESS_KEY > /path/passwd
chmod 600 /path/passwd

Now we can Mount S3

mkdir /tmp/s3fs
s3fs <mybucket> /path/to/mountpoint -o passwd_file=/path/to/passwd

s3fs <mybucket> /path/to/ mountpoint -o use_cache=/tmp/s3fs/,passwd_file=
/path/to/passwd

Unmount

fusermount -u /path/to/ mountpoin

2.) EncFS (Encrypted) Container

Install

apt-get install encfs

Set Encypted Dir

Create uncrypted dir:

mkdir /path/to/mountpoint-EncFS

Now we Map EncFS encrypted Directory in S3

encfs /path/to/mountpoint-S3Fs /path/to/mountpoint-EncFS

3.) Mount Volume on Boot

Make Wrapper for EncFS

Export Passwort in File

echo “Password” > /path/.passwd-encfs
chmod og-rwx /
path /.passwd-encfs

Create Wrapper

vi /usr/bin/EncFS

#!/bin/sh

encfs –public –extpass=”cat /path/.passwd-encfs” $*

Set Scipt rights to execute

chmod +x /usr/bin/EncFS

Add to Volumens

vi /etc/fstab

s3fs#<mybucket> /path/mountpoint-s3fs fuse allow_other,nonempty,use_cache=/tmp/s3fs/,passwd_file=/path/.passwd-

s3fs 0 0 EncFS#/mnt/s3fs/ /path/mountpoint-encfs/ fuse allow_other,default_permissions,nonempty 0 0

Share this Post