#!/bin/bash #/##################################################################\ #| Basic scrypt to encrypt with CryFS file hosting services like | #| Dropbox, MEGA, Drive, etc. | #| Guzmán Castanedo (guzman@castanedo.es) | #| November 2016 | #| Licence: GPL 3.0 -> https://www.gnu.org/licenses/gpl-3.0.en.html | #| NOTE: It's necesary to configure Dropbox to basedir folder | #| before run this script, because it need to be empty or | #| Dropbox client will move to a new folder. | #| NEXT: I want to implement auto config the Dropbox client, but | #| it use a encrypted SQLite database. So it's harder. | #\##################################################################/ #Functions function usage { printf "USAGE:\t"$(basename "$0")" [OPTIONS] name\n" printf "NAME:\n" printf "\tSet the automount name (without spaces).\n" printf "\tIt's usefull if you wanty to encrypt more than one file hosting service.\n" printf "\tThis parameter is OBLIGATORY.\n" printf "OPTIONS:\n" printf "\t-b, --basedir basedir\n" printf "\t\tSet the encrypted folder that Dropbox client are going to\n" printf "\t\tupload.\n" printf "\t\tDefault: /home/$USER/.MegaEncrypted/ENCRYPTED\n" printf "\t-m, --mountdir mountdir\n" printf "\t\tSet the decrypted folder.\n" printf "\t\tDefault: /home/$USER/MEGA\n" printf "\t-v, --verbose\n" printf "\t\tSet verbose mode.\n" printf "\t\tDefault: false\n" printf "\t-p, --password password\n" printf "\t\tSet password for CryFS encrypted volume.\n" printf "\t\tIf not set it'll ask iteractively.\n" printf "\t-c, --config cryfsconfig\n" printf "\t\tSet the configuration file for CryFS.\n" printf "\t\tDefault: basedir/cryfs.config\n" printf "\t--not-start-at-login\n" printf "\t\tNot start cryfs at login time.\n" printf "\t\tDefault: true\n" printf "\t\tCAUTION: plain password will be saved in:\n" printf "\t\t~/.config/autostart/cryfs-dropbox.desktop\n" printf "\t--new-volume\n" printf "\t\tCreate a new volume.\n" printf "\t\tDefault: false\n" printf "\t--blocksize\n" printf "\t\tChange the ciphertext block size in bytes\n" printf "\t\tDefault: 524288 (512 KB)\n" printf "\t\tCryFS use by default 32KB, but a 17 GB volume can generate\n" printf "\t\tup to 400,000 files with this...\n" printf "\t\tThe Dropbox client get crazzy!\n" } function createautostart { #createautostart $basedir $mountdir $cryfsconfig $pass $name if [ ! $# -eq 5 ];then echo "ERROR: Internal error generating autostart file." exit 1 fi startfile=/home/$USER/.config/autostart/cryfs-$5.desktop if [ ! -d /home/$USER/.config/autostart ]; then #Create directory (parents if needed) mkdir -p /home/$USER/.config/autostart fi #Need to check existance because we're going to overwrite if [ -f $startfile ];then grep "Exec=$(basename "$0") -b $1 -m $2 -c $3 -p $4 $5" $startfile > /dev/null if [ $? -ne 0 ];then printpaths $name $basedir $mountdir $cryfsconfig printf "\nERROR:\tThere is another $(basename "$0") using that name (%s).\n" $5 printf "\tUse a diferent name.\n" exit 1 fi else echo "[Desktop Entry]" | tee $startfile > /dev/null echo "Type=Application" | tee -a $startfile > /dev/null echo "Exec=$(basename "$0") -b $1 -m $2 -c $3 -p $4 $5" | tee -a $startfile > /dev/null echo "X-GNOME-Autostart-enabled=true" | tee -a $startfile > /dev/null echo "NoDisplay=false" | tee -a $startfile > /dev/null echo "Hidden=false" | tee -a $startfile > /dev/null echo "Name=CryFS-$5" | tee -a $startfile > /dev/null echo "Comment=Automount CryFS for $5" | tee -a $startfile > /dev/null echo "X-GNOME-Autostart-Delay=0" | tee -a $startfile > /dev/null fi } function printpaths { #printpaths $name $basedir $mountdir $cryfsconfig printf "Name:\t\t%s\n" $1 printf "Base Dir:\t%s\n" $2 printf "Mount Dir:\t%s\n" $3 printf "CryFS Dir:\t%s\n" $4 echo } #Bash main export CRYFS_FRONTEND=noninteractive basedir=/home/$USER/.MegaEncrypted/ENCRYPTED mountdir=/home/$USER/MEGA blocksize=524288 verbose=false startlogin=true configset=false newvolume=false #Parse args #With getopts TEMP="$(getopt -q -o b:m:p:vhc: --long basedir:,mountdir:,password:,verbose,help,config:,not-start-at-login,new-volume,blocksize: -n "$(basename "$0")" -- "$@")" eval set -- "$TEMP" unset TEMP while true; do case "$1" in -b|--basedir) #basedir basedir=$2 shift 2 ;; -m|--mountdir) #mountdir mountdir=$2 shift 2 ;; -p|--password) #password pass=$2 shift 2 ;; -v|--verbose) #verbose verbose=true shift ;; -h|--help) #Help usage exit 0 ;; -c|--config) #CryFS Config File cryfsconfig=$2 configset=true shift 2 ;; --not-start-at-login) startlogin=false shift ;; --new-volume) newvolume=true shift ;; --blocksize) blocksize=$2 shift 2 ;; --) #Last one shift break ;; *) #Unspected usage echo "ERROR: Invalid option $1" exit 1 ;; esac done if [ ! $# -eq 1 ]; then echo "ERROR: You must set only one name for the installation" exit 1 fi name=$1 #Check if cryfs is installed if [ ! -x "$(which cryfs)" ]; then echo "ERROR: CryFS is not installed." echo "https://www.cryfs.org/#download" exit 1 fi #Check if cryfs-automount is installed if [ ! -x "$(which $(basename "$0"))" ]; then echo "WARNING: "$(basename "$0")" is not installed." echo "We'll use root access only for installation." test=$(sudo whoami) if [ $test = "root" ]; then sudo cp ./$0 /usr/local/bin/ sudo chmod +x /usr/local/bin/$(basename "$0") else echo "ERROR: No root access!" exit 1 fi echo "Installation Success!" echo fi #Check if directories exist if [ ! -d $basedir ]; then printpaths $name $basedir $mountdir $cryfsconfig echo "ERROR: $basedir is not a directory." exit 1 fi if [ ! -d $mountdir ]; then printpaths $name $basedir $mountdir $cryfsconfig echo "ERROR: $mountdir is not a directory." exit 1 fi #Check encrypt cryfs volume exists (config file) if [ $configset = false ]; then #We use to set it in basedir (CryFS Default) cryfsconfig=$basedir/cryfs.config fi if [ ! -f $cryfsconfig ]; then #Config file doesn't exist if [ $newvolume = false ]; then printpaths $name $basedir $mountdir $cryfsconfig echo "ERROR: $cryfsconfig doesn't exist." echo "If this is a new volume enter the tag: --new-volume" exit 1 fi else if [ $newvolume = true ]; then printpaths $name $basedir $mountdir $cryfsconfig echo "ERROR: Volume exists." echo "If you want to load it, remove the tag: --new-volume" exit 1 fi fi #Convert to absolute path basedir=$(realpath $basedir) mountdir=$(realpath $mountdir) cryfsconfig=$(realpath $cryfsconfig) #Verbose if [ $verbose = true ];then printpaths $name $basedir $mountdir $cryfsconfig fi #Check if password is set if [ -z $pass ]; then if [ $newvolume = true ]; then #Twice cont=false while [ $cont = false ]; do printf "Password:\t" read -s pass1 printf "\nRepeat Password:\t" read -s pass2 echo if [ $pass1 = $pass2 ]; then pass=$pass1 cont=true else printf "Wrong password. Try again:\n" fi done unset cont pass1 pass2 else #Single printf "Password:\t" read -s pass echo fi fi #Before start let's check if autostart on login if [ $startlogin = true ]; then #Let's create it if [ $verbose = true ];then printf "Creating start at login.........\t" fi createautostart $basedir $mountdir $cryfsconfig $pass $name if [ $verbose = true ];then printf "Done!\n" printf "File: %s\n" "/home/$USER/.config/autostart/cryfs-$name.desktop" fi fi #Mount with CryFS if [ $verbose = true ]; then printf "Starting CryFS..................\t" fi echo $pass | cryfs --blocksize $blocksize -c $cryfsconfig $basedir $mountdir 2>&1 > /dev/null if [ $verbose = true ]; then printf "Done!\n" fi