File: tramp-crypt.el.html

Access functions for encrypted remote files. It uses encfs to encrypt / decrypt the files on a remote directory. A remote directory where you wish files to be encrypted must be declared in tramp-crypt-directories via command tramp-crypt-add-directory. All files in that directory, including all subdirectories, are stored encrypted. This includes file names and directory names.

This package is just responsible for the encryption part. Copying of the encrypted files is still the responsibility of the remote file name handlers.

A password protected encfs configuration file is created the very first time you access an encrypted remote directory. It is kept in your user directory (usually "~/.emacs.d/") with the url-encoded directory name as part of the basename, and ".encfs6.xml" as suffix. Do not lose this file and the corresponding password; otherwise there is no way to decrypt your encrypted files.

If the user option tramp-crypt-save-encfs-config-remote is non-nil (the default), the encfs configuration file ".encfs6.xml" is also kept in the encrypted remote directory. It depends on you, whether you regard the password protection of this file as sufficient security.

If you use a remote file name with a quoted localname part, this localname and the corresponding file will not be encrypted/ decrypted. For example, if you have an encrypted remote directory
"/nextcloud:user@host:/encrypted_dir", the command

  C-x d /nextcloud:user@host:/encrypted_dir

will show the directory listing with the plain file names, and the command

  C-x d /nextcloud:user@host:/:/encrypted_dir

will show the directory with the encrypted file names, and visiting a file will show its encrypted contents. However, it is highly discouraged to mix encrypted and non-encrypted files in the same directory.

To disable encryption for a particular remote directory, use the command tramp-crypt-remove-directory.

Defined variables (9)

Defined functions (45)

Defined faces (0)