gocryptfs.el

gocryptfs.el is an Emacs Lisp package that provides native Emacs commands to initialize, mount, unmount, and manage multiple gocryptfs-encrypted directories (“vaults”).

The package integrates gocryptfs cleanly into the Emacs workflow, without shell wrappers, while correctly handling the real-world constraints of FUSE-based filesystems.

Security Considerations

• The password is never passed through the shell
• No use of echo | gocryptfs
• No plaintext password storage
• Sensitive input is sent exclusively via the gocryptfs process standard input

Requirements

• install gocryptfs

  sudo pacman -S gocryptfs
      

Installation

(use-package gocryptfs
  :straight (:local-repo "~/your folder/gocryptfs")
  :custom
  (gocryptfs-vaults
   '((:name "personal"
            :cipher-dir "~/.tomb"
            :mount-dir "~/Perso")
     (:name "pro"
            :cipher-dir "~/.tomb2"
            :mount-dir "~/Pro"))))

Usage

Initialize a vault

Before mounting a vault for the first time, it must be initialized:

M-x gocryptfs-init-vault

This command:

• creates required directories if needed
• validates that the cipher directory is empty
• securely asks for a password (twice)
• runs gocryptfs -init

Mount a vault

M-x gocryptfs-mount

You will be prompted to select a vault and enter its password.

The mount process is asynchronous and does not block Emacs.

Unmount a vault

M-x gocryptfs-umount

Latest commits

• 93a039a - fix: doc
• f753abe - doc: org file
• f1af34a - add: security
• fe43b40 - fix: minor error
• 81d69e5 - fix: readme