encfs over sshfs on Linux Mint 10

With standard config you get:
fusermount: bad mount point /folder/name: Permission denied

Uncomment user_allow_other from /etc/fuse.conf, and add user to fuse(get read access to /etc/fuse.conf):

sudo nano /etc/fuse.conf
sudo adduser your_username fuse

Log out, and log back in. Check that you’ve got added to fuse:

id | grep fuse

Mount:

sshfs -oallow_other host:/folder/to/mount /mountpoint
encfs /folder/to/encrypted /mountpoint/decrypted

Automated encrypted backup with Back In Time

Install encfs and zenity:


apt-get install encfs zenity

Create encrypted directory:


cd /whole/path/to
mkdir .backintime_encfs
mkdir backintime
encfs /whole/path/to/.backintime_encfs /whole/path/to/backintime

If you would like support for hard links(backintime incremental backups), choose the standard mode, not paranoia mode.

Script to mount and run backup:

#!/bin/bash
# Script to mount encrypted directory and run backup.
enc_path=/whole/path/to
directory=backintime
enc_directory=.backintime_encfs
extpass="zenity --title 'Encrypted backup' --entry 
--text 'Please type password for encrypted backup storage' --hide-text"

#set display for password prompt
export DISPLAY=:0.0
#check if directories exists
if [ -d $enc_path/$enc_directory ] && [ -d $enc_path/$directory ]
then
  # check if encrypted directory already is mounted
  mountpoint $enc_path/$directory > /dev/null
  if [ "$?" != "0" ]; then
    encfs --extpass="$extpass" $enc_path/$enc_directory $enc_path/$directory
  fi
  # check if mount was successful
  mountpoint $enc_path/$directory > /dev/null
  if [ "$?" = "0" ]; then
     echo "Running backup..."
     nice -n 19 /usr/bin/backintime --backup-job >/dev/null 2>&1
     # optional umount of encrypted storage:
     # fusermount -u $enc_path/$directory
     exit 0
  else
    echo "Unable to mount encrypted directory"
    exit 1
  fi
else
  echo "Encrypted directory not found"
  exit 1
fi

Disable schedule in Back In Time, and add script to crontab:


crontab -e
# add this line and save
@hourly /usr/local/bin/encrypted_backup_script

Reference:
http://ubuntuforums.org/showthread.php?t=148600