How to Encrypt Files with gocryptfs on Linux – Guide

Gocryptfs is a file-level encryption utility mounted on a Userspace (FUSE) file system. FUSE-mounted means that encrypted files are stored in a single directory tree, which is mounted as a USB stick via the FUSE interface. This allows any user to mount – you don’t need to be root. Since gocryptfs encrypts at the file level, sync operations that copy your files can work efficiently for each file. This is in contrast to disk-level encryption, which encrypts the entire disk as a single large binary blob. When you use gocryptfs in normal mode, your files are stored on your hard drive in an encrypted format. However, if you provide the files encrypted, you will have unencrypted access to your files, just like any other file on your computer. That means all your regular tools and programs can use your files unencrypted. Changes, new files and deletions are reflected in real-time in the encrypted version of files stored on your hard drive.

How to make use of Gocryptfs to encrypt files.



Gocryptfs comes with a deb package and is available in the Debian and Ubuntu repository, which means you can easily install it with the command: The same applies to Arch Linux. You can install gocryptfs via Pacman: For other Linux distributions, you can download the binary file from the Github website.


To use gocryptfs on macOS, you need to install Homebrew first: Then use the following command to install gocryptfs:


Gocryptfs is not natively supported on Windows due to lack of FUSE support. However, cppcryptfs is an implementation of the gocryptfs encrypted overlay file system in C++ for Windows, so you can still make it work on Windows. Follow the building instructions here.

Using gocryptfs to encrypt files

To start using gocryptfs, you first need to create two empty folders: Then launch gocryptfs: Finally, mount the “encrypted” folder in the “plain” folder: Now, all files you put in the “plain” folder will be encrypted and stored in the “encrypted” folder. For example, if you want to store the encrypted file on Dropbox and mount it in a “Private” folder on Home directory, you can run the following commands: Each file you place in the Private folder will be encrypted in the “Encrypted” folder and uploaded to the Dropbox server.

SiriKali – a GUI tool for using gocryptfs

SiriKali is a GUI tool that can be used to encrypt with gocryptfs and other standards. It is available for Linux, macOS and Windows, although the Windows version does not support gocryptfs. After the commands are done, it’s a good idea to run it to “trust” the key and allow updates.

Final note

I hope you like the guide How to Encrypt Files with gocryptfs on Linux. In case if you have any query regards this article you may ask us. Also, please share your love by sharing this article with your friends.