Two-Steps are required:
1.) Add S3 via S3FS (unencrypted)
2.) Mount an encrypted container in the S3-Mountpoint via EncFS
1.) Mount S3 via S3FS (unencrypted)
Install Required Packabes
sudo apt-get install build-essential libcurl4-openssl-dev libxml2-dev mime-support sudo apt-get install automake autotools-dev g++ git libcurl4-gnutls-dev libfuse-dev libssl-dev libxml2-dev make pkg-config
Download and Compile Fuse
Current Version: https://github.com/libfuse/libfuse/releases
git clone https://github.com/libfuse/libfuse.git cd libfuse ./configure –prefix=/usr/local make && make install export PKG_CONFIG_PATH=/usr/local/lib/pkgconfig ldconfig modprobe fuse
Download and Compile s3fs
git clone https://github.com/s3fs-fuse/s3fs-fuse.git cd s3fs-fuse ./autogen.sh ./configure make && make install
Setup Access Key
echo AWS_ACCESS_KEY_ID:AWS_SECRET_ACCESS_KEY > /path/passwd
chmod 600 /path/passwd
Now we can Mount S3
mkdir /tmp/s3fs
s3fs <mybucket> /path/to/mountpoint -o passwd_file=/path/to/passwd
s3fs <mybucket> /path/to/ mountpoint -o use_cache=/tmp/s3fs/,passwd_file=
/path/to/passwd
Unmount
fusermount -u /path/to/ mountpoin
2.) EncFS (Encrypted) Container
Install
apt-get install encfs
Set Encypted Dir
Create uncrypted dir:
mkdir /path/to/mountpoint-EncFS
Now we Map EncFS encrypted Directory in S3
encfs /path/to/mountpoint-S3Fs /path/to/mountpoint-EncFS
3.) Mount Volume on Boot
Make Wrapper for EncFS
Export Passwort in File
echo “Password” > /path/.passwd-encfs
chmod og-rwx /
path /.passwd-encfs
Create Wrapper
vi /usr/bin/EncFS
#!/bin/sh
encfs –public –extpass=”cat /path/.passwd-encfs” $*
Set Scipt rights to execute
chmod +x /usr/bin/EncFS
Add to Volumens
vi /etc/fstab
s3fs#<mybucket> /path/mountpoint-s3fs fuse allow_other,nonempty,use_cache=/tmp/s3fs/,passwd_file=/path/.passwd-
s3fs 0 0 EncFS#/mnt/s3fs/ /path/mountpoint-encfs/ fuse allow_other,default_permissions,nonempty 0 0