May 10, 2009

Encrypting Your Dropbox Seamlessly and Automatically

Filed under: Linux,Security — bnsmith @ 8:37 pm

A Tutorial for Ubuntu 9.04

About a month ago, I wrote an introduction to using the Dropbox service to backup your important data. Any data that you backup with Dropbox is encrypted and uploaded to Amazon’s S3 service. Unfortunately, it is the people who run Dropbox that hold the keys used to perform this encryption. Regardless of how great the service is, storing your files with Dropbox involves placing your trust in the people who currently run the Dropbox service, as well as all of the people who will ever run Dropbox in the future. This is an unacceptable risk for many people and many kinds of data.

Thankfully, there is a strategy that can greatly reduce the risk. It is possible to automatically encrypt your files, and then use Dropbox to backup the encrypted versions. This means that you can have your cake and eat it too! Dropbox provides a convenient backup strategy so that your files can’t be lost due to the theft or destruction of your laptop. The encryption software ensures that your files can’t be accessed by anyone who works for Dropbox, or any hackers that might have infiltrated the servers that Dropbox uses.

If you’re using Ubuntu, the software that you need is free, and it isn’t especially difficult to set up. Please note that this tutorial will require you to use the command-line and edit some configuration files. Don’t be afraid! I will try to explain the process in a step-by-step fashion. If you’re just getting started with Linux, this project might help you get used to the command-line a little bit.

(Note: this has been tested on Ubuntu 9.04 only; I am not confident that these exact instructions will work on older versions of Ubuntu.)

Part 1: Set Up Dropbox

The rest of this tutorial will assume that you have the Dropbox client software installed on your computer. Detailed instructions can be found in the “Installing Dropbox” section of my previous post on the Dropbox service. When you have finished following those instructions, proceed with Part 2.

Part 2: Removing Unencrypted Data

This section only applies if you have already used Dropbox to store some data that you would now like to encrypt. If you have never stored any files in your Dropbox, skip ahead to Part 3.

The first step is to take all of the contents of your Dropbox folder and back them up somewhere else. The following command will copy everything in your Dropbox into a folder named “DropboxBackup” (open a Terminal by clicking Applications -> Accessories -> Terminal):

cp -r ~/Dropbox ~/DropboxBackup

Once everything has finished copying, it might even be a good idea to burn this folder to a CD, just to be safe. Now we can proceed to delete all of the files in the Dropbox folder. Open your Dropbox folder in the file manager by left-clicking on the Dropbox applet in the top-right. Click the “View” menu and ensure that “Show Hidden Files” is checked. Next, select all the files and hit the Delete key. Dropbox should begin synchronizing the changes. Unfortunately, once the synchronization completes, nothing will have been actually deleted yet; the files will simply be marked as deleted, but it will still be possible to recover them.

In order to actually get rid of the files, open your web browser, go to and log in. Click the “Show deleted files” button.


For each deleted file, select the “Purge” option.


Part 3: Reconfiguring the Dropbox Client

The encryption software that will allow you to secure your Dropbox is called “EncFS“. It works by creating a folder in which to store an encrypted version of each of your files and folders, and then making the unencrypted names and content available in a different folder. When we are finished with this tutorial, the folder containing the encrypted files will be stored within the Dropbox folder, and will therefore be automatically backed-up. Since we don’t want to accidentally store any non-encrypted files in the Dropbox folder, we will move the real Dropbox folder to a hidden location.

Right-click on the Dropbox applet and choose “Preferences…”; under the “Main” tab, click “Move…”:


Move to your Home Folder and click the “Create Folder” button. Give the new folder the name “.dropbox_encrypted” and click “Open”. Close the preferences window. On to Part 4!

Part 4: Configure an Encrypted Filesystem with EncFS
Now we’re ready to actually do some encrypting. In the commands that follow, you will need to substitute your username in place of <<yourusername>>. Open a terminal and enter these commands:

sudo apt-get install encfs libpam-mount
sudo adduser <<yourusername>> fuse

(As an example, if your username is “pragmattica”, then the command just above should be sudo adduser pragmattica fuse)

Now you need to log out and log back in again before continuing. Next, run this command:

encfs ~/.dropbox_encrypted/Dropbox/encrypted ~/Dropbox


The encryption software will ask you a series of questions. Enter the following responses:

  • Enter ‘y’ to create the encrypted directory
  • Enter ‘y’ to create the unencrypted directory
  • Enter ‘x’ to choose expert Mode (I experimented with the pre-configured paranoia mode, but encountered performance issues)
  • Enter ‘1’ to use the AES cipher algorithm
  • Enter ‘256’ for the key size
  • Enter ‘1024’ for the block size
  • Enter ‘1’ for block filename encoding
  • Enter ‘y’ for filename initialization vector chaining
  • Enter ‘n’ for per-file initialization vectors
  • Enter ‘n’ for block authentication code headers
  • Enter ‘y’ for file-hole pass-through
  • Enter and repeat the password for the new encrypted filesystem; in order for the next part of the tutorial to work, the password must be the exact same password that you use to log in to your computer after turning it on

I’m probably not telling you anything that you don’t already know, so I’ll be brief. A good password should consist of upper and lower-case letters, numbers and punctuation characters. It should be fairly random looking, and pretty long; more than 20 characters, preferably.

You can now begin copying files into your /home/<<yourusername>>/Dropbox directory. The files that you copy in should be encrypted and backed-up by Dropbox. If you log in to the Dropbox website, all of the saved files should have meaningless gibberish names and encrypted contents.


Part 5: Use pam_mount to Automatically Mount Your Encrypted Filesystem

At this point, it would be possible to use the command-line to manually mount your encrypted filesystem every time you turn your computer on, but we can do better. A program named “pam_mount” can automatically mount the filesystem as soon as you log in. Open a terminal and enter this command:

sudo gedit /etc/security/pam_mount.conf.xml

Look for the line:

<!-- Volume definitions -->

Right beneath that line, add this new line:

<volume user="<<yourusername>>" fstype="fuse" path="encfs#/home/<<yourusername>>/.dropbox_encrypted/Dropbox/encrypted" mountpoint="/home/<<yourusername>>/Dropbox" />

To eliminate a harmless but annoying error message, use “sudo gedit” as above to edit the /etc/pam.d/common-pammount and /etc/pam.d/common-auth files and eliminate all occurrances of the word use_first_pass.

The next time you turn your computer on and log in, you should be able to go to your new /home/<<yourusername>>/Dropbox folder and see the unencrypted versions of your important files. Unfortunately, this new folder won’t display the little status icons on each file, so you’ll have to keep an eye on the Dropbox applet to know when the synchronization of your files is in progress or complete. I think that this is a very reasonable sacrifice for the additional security.

One last tip: the icon for your secure Dropbox folder is now the same as for every other folder. To give that folder some visual distinction, it’s possible to change its icon. Right-click on the folder and select “Properties”. Click on the little Folder icon in the top-left of the properties dialog box and set the icon to /usr/share/icons/hicolor/64×64/apps/dropbox.png.


Security Considerations

As an added benefit, this strategy will also provide a little protection against your information being compromised by someone who steals your laptop. The reason this only provides a little protection is due to the tendency of modern operating systems and software to scatter bits of information about while working. The actual files themselves are encrypted, but unencrypted bits of the files might still end up lying around in temporary files or the swap partition. An attacker with enough skill and determination would be able to find those. Still, it’s better than nothing.

This is probably going to be my last security-related post for a while. I’ve been going through a security phase lately, but I’m feeling pretty good about the precautions that I now have in place. Next post, I will be back to my regularly scheduled programming topics. As always, if you have any problems with anything in the tutorial, just leave a comment. I’m always happy to help.


April 30, 2009

Password Hashing: A Neat Idea That Can Help to Protect Your Online Accounts

Filed under: Security — bnsmith @ 8:41 pm

I’ve been re-evaluating my information security precautions lately, and while doing so, I discovered something interesting that I’d like to share. These days, most people have accounts at several different websites. For convenience, most people use the same password for some or all of their accounts, which opens up a potential security vulnerability. If a computer criminal manages to steal a list of usernames and passwords from a poorly-secured website, then they could try using each of these username/password pairs to log in to Paypal, for example. As you can imagine, compromising a few thousand Paypal accounts could be quite profitable.

There are other, less-obvious ways that your passwords could be compromised as well. As I learned from reading the EFF’s Surveillance Self Defence guide, the New York Times website doesn’t encrypt the username and password that you send them to access their articles. If you log into the website from the open WiFi provided at an airport, for example, then your username and password would be transmitted completely in the clear and could be stolen by anyone in range of the radio signal.

The recommended solution is to use a different password for each website that you use, so that the theft of one password will only give the computer criminal access to one online account and not all of them. If you commit every one of your passwords to memory, then this strategy is very secure; unfortunately, it also requires tremendous effort and discipline to memorize random strings of letters, numbers and punctuation.

One Option: Password Vaults

It is possible to store your passwords in an encrypted file on your hard drive, and then choose one “master password” that will allow you to fetch the password for a specific website out of the vault. The master password is the only one that you need to remember. Using this system, it will seem as though you’re using the same password for each website. Behind the scenes, however, each website will receive its own unique password.

This is a reasonable option, but it has some disadvantages. First, you must have a good backup strategy in place, because losing your vault file would mean losing access to all of your accounts. If you follow the advice of some security experts and set your password recovery questions to gibberish, the loss of your vault would be that much more difficult to recover from. Second, this system is a bit inconvenient for accessing your accounts when you are away from your main computer. If you go to an Internet cafe in some other country, perhaps you could bring your password vault on a USB thumb drive, but what if the cafe doesn’t allow users to plug in their own USB drives? Or perhaps the cafe’s computers run Mac OS X and you don’t have compatible decryption software on the thumb drive. I believe that it should be possible to develop a partially web-based password vault program that overcomes these problems, but no such program currently exists, as far as I know.

The Solution: Password Hashing

The basic idea behind password hashing is to take a master password of your choice and combine it with a value specific to the website that you wish to access. This combined value is then run through a “hash function” that creates a random-looking string of letters, numbers and punctuation. This random-looking string will be the password for that specific website. It’s pretty simple once you get the idea; perhaps an example would help. Suppose that you choose “123456” to be your master password, and you wish to access your Facebook account. The password hashing software will combine “123456” with a value representing the website; in this case, that would likely be “facebook”. The resulting password is “9bMxDooTmtwh7AX$”.
Nothing is stored on your hard-drive, so there’s nothing to backup. When you’re away from your main computer, it is possible to browse to a web-based version of the password hashing software. This online version shouldn’t need to transmit anything over the Internet in order to generate the password for any of your websites.

If an attacker manages to acquire one, or even all of your site-specific passwords, they will still be no closer to figuring out what your master password is, thanks to the special properties of the hash functions used for this purpose.

This system has one more great security benefit: protection against phishing attacks. Suppose that an attacker tricks you into visiting a fraudulent copy of eBay with the address “”. The website would look legitimate, but have a slightly different address than the real thing. If you then try to log in to this fraudulent web-site, the password hashing software would combine “123456” with “eboy” to create the hashed password “2dsOpJdTv$q9Aook”. This is completely different than your real eBay password, “c+qw5XtUrJyLF2wM”, created by combining “123456” with “ebay”. The password stolen by the computer criminals is useless!

Password Hashing Software

One of the most popular password hashing programs is Stanford PwdHash, and with good reason. It is simple, elegant and it just works. When you visit a website that you wish to log in to, you simply type “@@” followed by your master password into the website’s password field. PwdHash automatically substitutes the hashed password before transmitting the login information. Anyone watching over your shoulder wouldn’t even know you were doing anything special.

It is definitely my favorite password hashing program, and it pains me that I can’t use it. Sometimes a program can be too simple. PwdHash has no options or customizability of any kind. Any hashed password that is generated by PwdHash is always exactly two characters longer than the master password. As I was half-way through converting all of my accounts to PwdHash, I discovered that some of the websites that I use had restrictions on the length and composition of the passwords that they would accept. Specifically, it always seemed to be the websites for banks and financial institutions that would only accept weak passwords.

I know this isn’t really relevant here, but I have to ask: what is wrong with the banks? They make billions of dollars in profits but can’t spare enough hard drive space to store more than 8 characters for a password? Or maybe they just decided that 8 characters is good enough security for what they’re protecting, because of course my life savings is so much less valuable than my list of favorite movies on Facebook.

Ahem. Sorry about that. Anyway, when it comes to password hashing in the real world, the best option that I’ve found is the unimaginatively named “Password Hasher“. It’s basically the same as PwdHash, except that you can specify the length and characteristics of the passwords that are generated. There are a few small usability problems that prevent me from endorsing it wholeheartedly. Here’s how the program works. First, you visit the website, enter your username and tab down to the password field.


Then you activate the plugin through a keyboard shortcut, and a pop-up window appears into which you type your master password.


When you press “Enter”, the pop-up closes and the password field on the web page is populated with the generated password.


All well and good, but you must then press “Enter” again to actually submit the username and password and enter the website. Pressing “Enter” twice to log in is a bit annoying, but you get used to it.

Another problem is the bizarre default keyboard shortcut for activating the pop-up: CTRL-F6. I recommend immediately changing it to something a little more convenient. I use CTRL-semicolon (see the FAQ for directions on changing the shortcut).

Overall, despite these niggling issues, the program performs admirably. If you’re seriously thinking about implementing this security strategy, I recommend making a list of all of your online accounts (not an easy task, I assure you) and then figuring out which websites, if any, have annoying password restrictions that rule out the use of PwdHash. In all honesty, if you’re a serious Internet user, Password Hasher is probably your best option. Since you’ve read this far, I can assume that you’re pretty serious about securing your information, so why not give it a try? If you have any other questions, leave a comment and I’ll do my best to help.

Blog at