# eCryptfs

> disk encryption software

**Wikidata**: [Q1103264](https://www.wikidata.org/wiki/Q1103264)  
**Wikipedia**: [English](https://en.wikipedia.org/wiki/ECryptfs)  
**Source**: https://4ort.xyz/entity/ecryptfs

## Summary
eCryptfs is disk encryption software designed to provide file-level encryption on Linux systems. It functions as a cryptographic layer integrated into the filesystem stack, securing individual files transparently during read and write operations. As free software, it allows users to inspect, modify, and redistribute its source code.

## Key Facts
- **Category**: Disk encryption software, encrypting file system, free software
- **License**: GNU General Public License, version 2.0
- **Operating System Support**: Linux only
- **Programming Language**: C
- **Aliases**: Enterprise Cryptographic Filesystem
- **Website**: [http://ecryptfs.org](http://ecryptfs.org) (last verified October 4, 2015)
- **Source Code Repositories**:
  - Main repository: [Launchpad via Bazaar](https://bazaar.launchpad.net/~ecryptfs/ecryptfs/trunk/files)
  - Kernel module: [Git at kernel.org](https://web.git.kernel.org/pub/scm/linux/kernel/git/tyhicks/ecryptfs.git)
- **Packaging Availability**:
  - Arch Linux package: `ecryptfs-utils`
  - SlackBuilds package: `system/ecryptfs-utils`
- **Documentation Sources**: Wikipedia (5 languages), ArchWiki, Gentoo Wiki

## FAQs
### Q: What is eCryptfs used for?
A: eCryptfs is used to encrypt individual files on Linux-based systems. It provides transparent encryption and decryption of user data at the filesystem level, ensuring that sensitive information remains secure even if physical storage media are compromised.

### Q: Is eCryptfs still actively maintained?
A: Yes, eCryptfs continues to be part of the Linux ecosystem with ongoing development primarily focused on maintaining compatibility and security within the kernel. Its core functionality has been stable over time, though newer alternatives like fscrypt have emerged.

### Q: How does eCryptfs differ from full-disk encryption tools like LUKS?
A: While LUKS encrypts entire block devices such as hard drives or partitions, eCryptfs operates at the file level. This means each file can be individually encrypted without requiring the whole disk to be mounted in an encrypted state, offering more granular control over access permissions.

## Why It Matters
eCryptfs plays a critical role in enhancing privacy and data protection for Linux users by enabling per-file encryption seamlessly integrated into the filesystem layer. Unlike full-volume encryption solutions, it offers flexibility in managing which files are protected and how keys are handled. Historically, it was one of the first enterprise-grade cryptographic filesystems available as open-source software, influencing later developments in Linux-native encryption frameworks. By leveraging kernel integration while remaining accessible through standard POSIX interfaces, eCryptfs supports both usability and strong cryptographic guarantees. It has also served as a foundational component in desktop environments like Ubuntu, where it was used to implement home directory encryption features.

## Notable For
- Being among the earliest widely adopted open-source cryptographic filesystems for Linux
- Integration into mainstream Linux distributions including Ubuntu for protecting home directories
- Dual-layer architecture supporting both kernel-space modules and user-space utilities (`ecryptfs-utils`)
- Compatibility with existing filesystems like ext4, allowing encryption without reformatting volumes
- Support for metadata encryption and filename obfuscation to enhance confidentiality beyond just content

## Body

### Overview
eCryptfs stands for “enterprise cryptographic filesystem” and serves as a stacked cryptographic filesystem for Linux. Rather than acting as a standalone filesystem, it layers on top of existing filesystems such as ext4, providing transparent encryption and authentication services for individual files and directories.

### Technical Architecture
eCryptfs works by intercepting I/O requests between applications and lower-level filesystems. When a file is written, eCryptfs encrypts the data before passing it down; when read, it decrypts the data automatically based on session keys derived from user credentials.

#### Components
- **Kernel Module**: Implements the actual encryption logic using AES and other ciphers supported by the kernel's crypto API.
- **User-space Utilities (`ecryptfs-utils`)**: Provide configuration tools like `mount.ecryptfs_private`, key management, and setup scripts.
- **Key Modules**: Use passphrase-based or public-key cryptography to derive session keys.
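
An added example (not code from this page or from the eCryptfs project) that audits `/proc/mounts`-style text to make the stacking visible: for each eCryptfs mount it reports the lower directory, the filesystem that directory lives on, the cipher settings, and whether filename encryption is active. The sample mount table, paths and signature values are constructed.

```python
# Added example. SAMPLE is constructed /proc/mounts text; signatures are placeholders.
SAMPLE = """\
/dev/sda2 / ext4 rw,relatime 0 0
/dev/sdb1 /home ext4 rw,relatime 0 0
/home/.ecryptfs/alice/.Private /home/alice ecryptfs rw,nosuid,nodev,relatime,ecryptfs_fnek_sig=1111111111111111,ecryptfs_sig=2222222222222222,ecryptfs_cipher=aes,ecryptfs_key_bytes=16,ecryptfs_unlink_sigs 0 0
/srv/vault\\040data/.enc /srv/vault ecryptfs rw,relatime,ecryptfs_sig=3333333333333333,ecryptfs_cipher=aes,ecryptfs_key_bytes=32,ecryptfs_passthrough 0 0
"""

def unescape(field):
    # /proc/mounts writes space, tab, newline and backslash as octal escapes
    for code, ch in (("\\040", " "), ("\\011", "\t"), ("\\012", "\n"), ("\\134", "\\")):
        field = field.replace(code, ch)
    return field

def parse_mounts(text):
    mounts = []
    for line in text.splitlines():
        parts = line.split()
        if len(parts) >= 4:
            opts = dict(o.partition("=")[::2] for o in parts[3].split(","))
            mounts.append({"source": unescape(parts[0]), "target": unescape(parts[1]), "fstype": parts[2], "opts": opts})
    return mounts

def lower_mount(path, mounts):
    # The lower filesystem is the longest non-eCryptfs mount point containing the lower directory
    path = path.rstrip("/") + "/"
    cands = [m for m in mounts if m["fstype"] != "ecryptfs" and path.startswith(m["target"].rstrip("/") + "/")]
    return max(cands, key=lambda m: len(m["target"]), default=None)

def audit(text):
    mounts = parse_mounts(text)
    report = []
    for m in mounts:
        if m["fstype"] != "ecryptfs":
            continue
        o, lower = m["opts"], lower_mount(m["source"], mounts)
        findings = []
        if "ecryptfs_fnek_sig" not in o:
            findings.append("no filename encryption key: names are cleartext in the lower directory")
        if "ecryptfs_passthrough" in o:
            findings.append("passthrough set: non-eCryptfs files are readable and writable through the mount")
        report.append({"target": m["target"], "lower_dir": m["source"], "lower_mount": lower["target"] if lower else None,
                       "lower_fstype": lower["fstype"] if lower else None, "cipher": o.get("ecryptfs_cipher"),
                       "key_bits": int(o.get("ecryptfs_key_bytes", 0)) * 8, "findings": findings})
    return report

if __name__ == "__main__":
    for row in audit(SAMPLE):
        print(row)
```

On a live system, pass the contents of `/proc/mounts` to `audit()` instead of `SAMPLE`.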

### Licensing and Distribution
eCryptfs is licensed under GPLv2 and qualifies as free software. It ships with many major Linux distributions:
- Available as `ecryptfs-utils` in Debian, Ubuntu, Fedora, Arch Linux, and others.
- Packaged separately for niche platforms like Slackware via SlackBuilds.

### Historical Context
Development began around 2005–2006, led by developers working with IBM and Canonical. It became notable for inclusion in Ubuntu starting with version 9.04, where it enabled optional home directory encryption for end-users.

### Use Cases
Common deployment scenarios include:
- Securing personal home directories against unauthorized access
- Protecting portable storage devices like USB sticks
- Enforcing compliance requirements for data-at-rest encryption in enterprise settings

### Limitations and Alternatives
While powerful, eCryptfs has some drawbacks:
- Performance overhead due to double writes (plaintext then ciphertext).
- Complex migration paths compared to simpler mechanisms like dm-crypt/LUKS.

Newer alternatives such as `fscrypt` offer better performance and tighter kernel integration but lack certain legacy compatibility features found in eCryptfs.
