rfjakob / gocryptfs Goto Github PK

Sorry, docs don't seem to have an example syntax for this...

How do I change a password when I have the masterkey but I don't know the old password?

Sorry, don't know if this is an issue, or just my not knowing how to do something. I want to samba share my unencrypted fuse mount and my understanding is that fuse needs -oallow_other sent to it upon mount request. Is there a way to get gocryptfs to pass this flag through to fuse when starting/mounting my encrypted directory?

(You may think I'm mad to samba share this, but it's for very transient use between a group of people in an enclosed private network)

How do I do that?

It doesn't work in this way (it just shows this Usage: gocryptfs [OPTIONS] CIPHERDIR MOUNTPOINT):

gocryptfs#/home/user/volume /home/user/.gocryptfs-mount/volume fuse allow_other,quiet,config=/home/user/gocryptfs-volume.conf,extpass=cat\040/home/user/gocryptfs-volume.pass 0 0

Also how do I specify a key file using command line to unlock the volume, not the password?

Versions used:

gocryptfs v1.0; go-fuse 41c29e1; 2016-10-03 go1.7.1

Hi rfjakob,
Thank you for your replies in my ENCFS thread here: vgough/encfs#122. I am delighted to test GoCryptFS on OSX and provide some feedback.

I had also read about GoCryptFS in a few reddit threads too and was curious to know more, I hadnt realised you were the author of this :)

I have a few questions, I hope you dont mind:

1. Can filename/foldername encryption be disabled? I only want to encrypt the contents.

2. is it possible to decrypt just one file without having to download the entire folder? This is possible with ENCFS if you disable external IV chain. This is a very useful feature if you just want to download individual files / folders from the cloud and decrypt them.

3. Is it possible to store the keyfile outside of the encrypted folder? Like it is with ENCFS

4. The encryption logic seems very similar to https://github.com/cryptomator/cryptomator, are there any differences/similarities that you are aware of? (I am not that familiar with encryption)

Thanks

Hello @rfjakob,
I'm curious, why not collaborate with EncFS to help address open security issues rather than start a completely new project from scratch?

Disclaimer: I once migrated EncFS from SVN to Git. Probably my only meaningful contribution to the project but I've contributed to it none the less.

tar xzf linux-3.0.tar.gz is my canonical small-file benchmark. Gocryptfs takes 2x the time compared to EncFS.
Looking at the cpu profile, this is caused by heavy GC activity that originates in go-fuse. For each created file, an inode object is allocated. Recycling inode objects could reduce GC pressure considerably.

As a follow-up to issue #37:

Is it safe to upload gocryptfs.conf into the cloud, if the password is strong enough?

If yes, how strong should the password be?

Hi,

im currently trying to compile gocryptfs by using the bash script which ends in the following build error:

package .
    imports github.com/rfjakob/gocryptfs/internal/configfile: use of internal package not allowed
package .
    imports github.com/rfjakob/gocryptfs/internal/contentenc: use of internal package not allowed
package .
    imports github.com/rfjakob/gocryptfs/internal/cryptocore: use of internal package not allowed
package .
    imports github.com/rfjakob/gocryptfs/internal/fusefrontend: use of internal package not allowed
package .
    imports github.com/rfjakob/gocryptfs/internal/nametransform: use of internal package not allowed
package .
    imports github.com/rfjakob/gocryptfs/internal/toggledlog: use of internal package not allowed

go build produces the same result.

Any hints or advice to overcome this build error. I am using Go 1.6.

BTW: Building with gcc-go results in

could not determine kind of name for C.SSLv3_method

I installed openssl (there is no extra dev-Packge for ArchLinux) before.

There are at least five actions one can take with gocryptfs:

1. creating a share
2. mounting a share
3. unmounting a share
4. changing the password of a share / configuring a share
5. printing the version number

Sounds like a job for sub-commands!

gocryptfs --init cipher             -->  gocryptfs init     cipher
gocryptfs cipher plain              -->  gocryptfs mount    cipher plain
fusermount -u plain                 -->  gocryptfs unmount  cipher
gocryptfs -passwd secretive cipher  -->  gocryptfs password cipher newPassword
gocryptfs -version                  -->  gocryptfs version

There's several libraries that help with global flags, sub-commands, and per-command flags.
Thoughts?

Is it possible to decrypt just one file without having to download the entire folder? This is possible with ENCFS if you disable external IV chain. This is a very useful feature if you just want to download individual files / folders from the cloud and decrypt them.

Yes. Every file is independent.

see discussion here #2 (comment) and here #2 (comment)

Because it's Go, could it be made to run on Windows as well? (Cross-platform support is an attractive feature.)

The problem with windows is that it does not have FUSE support. Linux has
it built-in and Mac has the OSXFuse project.
On windows, the only thing i am aware of is http://encfsmp.sourceforge.net/
. They SOMEHOW managed to get encfs (which also uses FUSE) running on
windows, using a closed-source windows kernel driver and lots of black
magic.

See discussion here #2 (comment) and here #2 (comment)

On my system Go crypto seems to be a lot faster than OpenSSL crypto.
I started to investigate this with gocryptfs 0.9 and perf on Linux 4.4. Under heavy load (multiple rsync's ongoing) perf attributed 60% overhead to the Go runtime's native call checks (runtime.cgoCheckArg), which were caused by OpenSSL calls.
I will provide proper benchmarks with gocryptfs 0.10-rc1, once my system is idle again.

$ cat /proc/cpuinfo 
[...]
model name  : Intel(R) Core(TM) i5-4690K CPU @ 3.50GHz
[...]
flags       : fpu vme de pse tsc msr pae mce cx8 apic sep mtrr pge mca cmov pat pse36 clflush dts acpi mmx fxsr sse sse2 ss ht tm pbe syscall nx pdpe1gb rdtscp lm constant_tsc arch_perfmon pebs bts rep_good nopl xtopology nonstop_tsc aperfmperf eagerfpu pni pclmulqdq dtes64 monitor ds_cpl vmx est tm2 ssse3 sdbg fma cx16 xtpr pdcm pcid sse4_1 sse4_2 x2apic movbe popcnt tsc_deadline_timer aes xsave avx f16c rdrand lahf_lm abm epb tpr_shadow vnmi flexpriority ept vpid fsgsbase tsc_adjust bmi1 hle avx2 smep bmi2 erms invpcid rtm xsaveopt dtherm ida arat pln pts
[...]

The following tests fail for me on Ubuntu 16.04, on a btrfs filesystem:

--- FAIL: TestFallocate (0.01s)
    matrix_test.go:215: Expected 2 4k block(s), got 4
    matrix_test.go:244: Expected 2 4k block(s), got 4
    matrix_test.go:252: Expected 3 4k block(s), got 5
    matrix_test.go:265: Expected 4 4k block(s), got 6
--- FAIL: TestLongNames (0.00s)
    matrix_test.go:531: n255s is not in directory listing
FAIL
FAIL    github.com/rfjakob/gocryptfs/tests/matrix   1.082s

Are the block size checks specific to a filesystem type?

using gocryptfs 1.1

run gocryptfs --help and observe multiple instances of compatability word. I think this word is a mistype of word compatibility

Is reverse mounting possible? Ie. mount a normal folder and come up with a fuse encrypted one?

No, and this is not planned at the moment. The thing is, AES-GCM (the encryption mode that gocryptfs uses) needs a random value for each block. For forward encryption, this random value is stored on disk inside the encrypted files. For reverse mode, there is no place to store that value.

See discussion here #2 (comment) and here #2 (comment)

When I try to setup encryption dir on the ZFS (ZoL 0.6.5.6-0ubuntu8 on ubuntu 16.04. gocryptfs is pulled from github using go get... and the latest commit is f035d3e) the files fail to be created.

Empty files work fine, but writing content to them fails.

$ gocryptfs -init foo                                                     ⏎
Choose a password for protecting your files.
Password: 
Repeat: 
The filesystem has been created successfully.

$ gocryptfs -debug -f foo bar
Debug output enabled
Password: 
Decrypting master key... 
done.

Now when I do touch bar/asdf it works fine. But trying to write something to it, using echo 1 > bar/asdf results in echo: write error: operation not supported and the following message in the gocryptfs running in foreground:

FS.GetAttr('asdf')
encryptPath 'asdf' -> './d2pkC2SxDZKpB2pWoii1sA==' (err: <nil>)
FS.GetAttr failed: 2=no such file or directory
encryptPath 'asdf' -> './d2pkC2SxDZKpB2pWoii1sA==' (err: <nil>)
getBackingPath: /home/123/foo + asdf -> /home/123/foo/d2pkC2SxDZKpB2pWoii1sA==
FS.GetAttr('asdf')
encryptPath 'asdf' -> './d2pkC2SxDZKpB2pWoii1sA==' (err: <nil>)
ino1068371: FUSE Write: offset=0 length=5
ino1068371: createHeader: prealloc failed: operation not supported

It doesn't matter what means of writing the file I use. cp, rsync etc all fail in the same way.

The very same version works if I put "foo" dir on tmpfs or ext4.

Given gocryptfs -reverse data view
I would like to periodically find view -mtime +7 -exec mv "{}" cold-storage \;
and the corresponding item(s) in data be gone.

In other words:
I'd like to (re-)move files from the reverse-view so that the original file is being unlinked.

As the title already says, when cat-ing gocryptfs.conf I've noticed that the file doesn't have a newline at the end.

@rfjakob , i am now using gocryptfs to encrypt my home directory but i am getting lots of crashing ( transport endpoint not connected ) when doing high i/o. Actually i can easily replicate when i try use crossover ( wine manager) to install microsoft office. Any information i can provide to help debugging? I have tried the same process in other machine and also crashed, but i haven't created a log though i think it is probably the same.

Using gocryptfs v1.1-rc1-21-gdc78e63; go-fuse 41c29e1; 2016-10-15 go1.6.2

These are the last lines from -debug: ( if i am leaking some key , please tell me so i could recreate my encrypted folder )

2016/10/15 16:04:13 Dispatch 484614: WRITE, NodeId: 7487.  8192 bytes
ino3277431: FUSE Write: offset=82059264 length=8192
nonceGenerator.Get(): d0369a49e11c1d9087f3980f488b4ce7
ino3277431: Writing 4096 bytes to block #20034
nonceGenerator.Get(): 60a3314d85d0065d80b066f07e77f9c5
ino3277431: Writing 4096 bytes to block #20035
2016/10/15 16:04:13 Dispatch 484615: SETATTR, NodeId: 3826. data: {mtime 1475522697.000000000} 
panic: runtime error: invalid memory address or nil pointer dereference
[signal 0xb code=0x1 addr=0x0 pc=0x520572]

goroutine 41847 [running]:
panic(0x6cd8c0, 0xc82000e100)
    /usr/lib/go-1.6/src/runtime/panic.go:481 +0x3e6
github.com/hanwen/go-fuse/fuse/nodefs.(*loopbackFile).Utimens(0xc82089fae0, 0x0, 0xc82013a140, 0x0)
    /dev/shm/src/github.com/hanwen/go-fuse/fuse/nodefs/files_linux.go:41 +0x202
github.com/rfjakob/gocryptfs/internal/fusefrontend.(*file).Utimens(0xc820850b40, 0x0, 0xc82013a140, 0x0)
    /dev/shm/src/github.com/rfjakob/gocryptfs/internal/fusefrontend/file.go:392 +0xb4
github.com/hanwen/go-fuse/fuse/pathfs.(*pathInode).Utimens(0xc820462f00, 0x0, 0x0, 0x0, 0xc82013a140, 0xc820ede018, 0x0)
    /dev/shm/src/github.com/hanwen/go-fuse/fuse/pathfs/pathfs.go:698 +0x1c2
github.com/hanwen/go-fuse/fuse/nodefs.(*rawBridge).SetAttr(0xc82005eb40, 0xc820ede000, 0xc8206aa338, 0x0)
    /dev/shm/src/github.com/hanwen/go-fuse/fuse/nodefs/fsops.go:251 +0x3ce
github.com/hanwen/go-fuse/fuse.doSetattr(0xc8200a00e0, 0xc8206aa240)
    /dev/shm/src/github.com/hanwen/go-fuse/fuse/opcode.go:161 +0x54
github.com/hanwen/go-fuse/fuse.(*Server).handleRequest(0xc8200a00e0, 0xc8206aa240, 0xc8206aa240)
    /dev/shm/src/github.com/hanwen/go-fuse/fuse/server.go:398 +0x2ff
github.com/hanwen/go-fuse/fuse.(*Server).loop(0xc8200a00e0, 0xc820b1be01)
    /dev/shm/src/github.com/hanwen/go-fuse/fuse/server.go:377 +0xde
created by github.com/hanwen/go-fuse/fuse.(*Server).readRequest
    /dev/shm/src/github.com/hanwen/go-fuse/fuse/server.go:285 +0x61e

I am using Software RAID, LVM, and ext3 File system. gocryptfs works fine on my ubuntu 14.04 LTS install on regular partitions (non RAID/LVM) but when I try to mount my RAID/LVM partition and use this I get the above error whenever I try to create a file. I get a message in Vi about disk space not available (however there are GBs free)

Hi,

let me first thank you for your great work! I'm very impressed what you achieved. :)
i want to report a small bug when creating directories when unionfs-fuse is layered on top.

without unionfs-fuse:
2015/12/09 21:01:26 Dispatch: MKDIR, NodeId: 1. data: {0775 (02)} names: [test3] 6 bytes

with layered unionfs-fuse:
2015/12/09 21:00:12 Dispatch: MKDIR, NodeId: 1. data: {00 (00)} names: [test2] 6 bytes

and unfortunately, the directory cannot be accessed.
i'm not sure if this is a problem of unionfs-fuse or gocryptfs.

Hi, thanks for your work.

is it safe if i upload my encrypted directory with the gocryptfs.diriv file to my cloud (Dropbox, ACD ect.)?

Could it be implemented that the password is provided via stdin to the gocryptfs command. Right now I am getting:

Could not read password from terminal: inappropriate ioctl for device

Additional question: Are there some security concerns in providing the password in that way. It doesn't have to be stdin, some other file descriptor would be also fine.
Thanks!

Hi, I try to use gocryptfs with amazon cloud (https://github.com/yadayada/acd_cli). Unfortunately amazon has a size limit to its upload. I want to use it for a storage of my multi media data center. Ripped bluray movies are larger than the allowed 10GiB per file. It would be nice if gocryptfs split the files automatically.
-- Tolotos

Can you please look into this bug report as i think the problem is in gocryptfs: mhogomchungu/sirikali#12

See discussion here
#2 (comment) and here #2 (comment)

No, not at the moment. I guess the use case is that you want to download single files from Dropbox, and with encrypted filenames you obviously cannot choose the right one.
I will add a parameter, probably --plaintextnames, to enable this.

See discussion here.. #2 (comment) and here #2 (comment)

Is planned, but there is no parameter yet. For now, you can use a symlink to achieve the effect. (store the gocryptfs.conf somewhere else, place a symlink in the encrypted directory).

Does gocryptfs do file locking through the fuse layer?

So if a mounted & decrypted file gets a lock by a process using it, will the underlying encrypted source file also have a lock?

Hey, its me again ;)

Since you checked Cryptomator's encryption scheme I think it is fair to return the favour. In your latest release you increased the nonce size. I think this is a questionable decision. It is highly recommended to use 96 bit nonces, as there is a strange if/else construction in GCM mode, which adds a lot of complexity for non-96-bit-nonces (leading to less easily provable security).

The second is that, when the nonce N is not 96 bits, the pseudorandom function Prf is not simply the blockcipher E. Instead, it is a rather complex construction that involves applying a polynomial-based hash to a padded and length-annotated N, keyed by the same key that is used for the hash Hash, and then applying the blockcipher E.

See http://web.cs.ucdavis.edu/~rogaway/papers/modes.pdf Chapter 12 for an in-detail analysis.

Of course the downside of using shorter nonces is the higher risk of collisions. If you choose a per-file-key instead of using the masterkey, you only have to worry about collisions within a file. I think it is fair to say those collisions will practically never happen for reasonable sized 😉 files.

I suggest to reverting the latest change and use 96 bit nonces again (not to be confused with the authentication tag size!) and introducing per-file-keys.

libfuse/libfuse#15

Hi,

I had a quick look and the section about the openssl wrapper "stupidgcm" caught my eye. I ran the test and it seems that (at least for Go 1.6 and 1.7) the internal GCM implementation is way faster or at least as fast as openssl. I ran the benchmark on my (rather recent) laptop on linux/amd64:

Benchmark4kEncStupidGCM-4         200000         12032 ns/op     340.42 MB/s
Benchmark4kEncGoGCM-4             300000          4035 ns/op    1014.99 MB/s
PASS

And on an older Server VM, also on linux/amd64:

Benchmark4kEncStupidGCM-4          20000             62587 ns/op          65.44 MB/s
Benchmark4kEncGoGCM-4              20000             61047 ns/op          67.10 MB/s
PASS

Maybe it's time to deprecate the openssl/stupidgcm wrapper :)

Thanks for your work!

Or maybe runs really slow? Will investigate next week.

When mounting a filesystem, gocryptfs does not check the result of fusermount:

/bin/fusermount: failed to open /etc/fuse.conf: Permission denied
Filesystem mounted and ready.

Note that mounting still worked despite this error message.
If it's not critical, maybe silence or explain it when printed?

We do not support fallocate(2) at the moment (neither does EncFS).

However, we do return the proper ENOSYS value so applications can automatically fall back to another allocation method.

This bug keeps track of the efforts to implement fallocate. If you are interested, the implementation will look a lot like Truncate() in [file.go](https://github.com/rfjakob/gocryptfs/blob/master/internal/fusefrontend/file.go!

Add an option similar to the --reverse option for encfs:

Normally EncFS provides a plaintext view of data on demand. Normally it stores enciphered data and displays plaintext data. With --reverse it takes as source plaintext data and produces enciphered data on-demand. This can be useful for creating remote encrypted backups, where you do not wish to keep the local files unencrypted.

For example, the following would create an encrypted view in /tmp/crypt-view.

encfs --reverse /home/me /tmp/crypt-view
You could then copy the /tmp/crypt-view directory in order to have a copy of the encrypted data. You must also keep a copy of the file /home/me/.encfs5 which contains the filesystem information. Together, the two can be used to reproduce the unencrypted data:
ENCFS5_CONFIG=/home/me/.encfs5 encfs /tmp/crypt-view /tmp/plain-view
Now /tmp/plain-view contains the same data as /home/me
Note that --reverse mode only works with limited configuration options, so many settings may be disabled when used.

(Quote from encfs man page)

On Linux, gocryptfs uses fallocate with FALLOC_FL_KEEP_SIZE to prevent the possibility of running out of space in the middle of writing a block. This would leave a corrupt block behind.

fallocate is not available on OSX at all.
The replacement is fcntl(fd, F_PREALLOCATE, ...). But this does not seem to be accessible via Go (there is no wrapper function).

The options are:

1. Write a wrapper function
   or
2. Find a library that exports fcntl

For me, a strong point in favour of gocryptfs over other alternatives (e.g. securefs or CryFS) is that it seems I'll always be able to decrypt my files without much effort. No complex data structures to traverse or chunks to join manually.

For example if I find an old archive (and its master key) 10 years from now, even if I run on a new fancy operating system that gocryptfs doesn't support, I could probably write a shell script that renames all files and decrypts them using openssl... just like I could do if I manually used tar and gpg.

Is that accurate? If so it would be awesome to have some something in the website/docs that emphasize the no vendor lock-in aspect and show a basic example of decrypting a folder.

During running the gocryptfs set of benchmarks I noticed the following error:
UNTAR: tar: linux-3.0/arch/microblaze/boot/dts/system.dts: Cannot utime: No such file or directory

This seems to be due to the target of symlinks being encrypted in a different way to encfs. This is an example to reproduce in a mounted folder:
touch test; ln -s test symlink; touch -h symlink; No such file or directory

Greetings.

This is not a bug report but i didnt know of where else to put this so i am saying it here.Hope you dont mind discussing non bugs in your bug tracker.

I have a project called "cryfs-gui[1] and i just added support for unlocking gocryptfs volumes and i though of informing you and users of your project of my GUI tool just in case they want a GUI tool to access their gocryptfs volumes.

Currently,the project can only unlock gocryptfs,it can not create them.

The project can also unlock gocryptfs volumes that uses an external config file(It supports the --config option).

Attached screenshot shows cryfs-gui main windows will unlocked volumes from all supported file systems.

Key points of my tool are:

1. It can manage volumes using passphrases.
2. It can manage volumes using keyfiles.
3. It can manage volumes using a combination of a key and a keyfiles.
4. It can manage volumes using passphrases hosted in KDE's kwallet,GNOME's libsecret and an internal system backed by libgcrypt.

[1] https://github.com/mhogomchungu/cryfs-gui

Hi,

the build.bash seems not work with multiple directories within the GOPATH variable:

$ echo $GOPATH
/home/jaltek/go:/usr/share/go/contrib

$ ./build.bash
./build.bash: line 10: cd: /home/jaltek/go:/usr/share/go/contrib/src/github.com/hanwen/go-fuse: No such file or directory

can you make it possible to disable the new (diriv) filename encryption for mounts (like it was before)

as far as i can tell it cannot be turned off any more. (like in mkdir)

func (fs *FS) Mkdir(relPath string, mode uint32, context *fuse.Context) (code fuse.Status) {
    if fs.isFiltered(relPath) {
        return fuse.EPERM
    }
    encPath, err := fs.getBackingPath(relPath)
    if err != nil {
        return fuse.ToStatus(err)
    }
    // The new directory may take the place of an older one that is still in the cache
    fs.CryptFS.DirIVCacheEnc.Clear()
    // Create directory
    fs.dirIVLock.Lock()
    defer fs.dirIVLock.Unlock()
    err = os.Mkdir(encPath, os.FileMode(mode))
    if err != nil {
        return fuse.ToStatus(err)
    }
    // Create gocryptfs.diriv inside
    err = cryptfs.WriteDirIV(encPath)
    if err != nil {
        // This should not happen
        cryptfs.Warn.Printf("Creating %s in dir %s failed: %v\n", cryptfs.DIRIV_FILENAME, encPath, err)
        err2 := syscall.Rmdir(encPath)
        if err2 != nil {
            cryptfs.Warn.Printf("Mkdir: Rollback failed: %v\n", err2)
        }
        return fuse.ToStatus(err)
    }
    return fuse.OK
}

nuetzlich.net uses an invalid security certificate. The certificate expired on 2016-05-06 10:57. The current time is 2016-05-08 14:41.

Go support Mac OS X, as does the FUSE library we use, go-fuse.

gocrypts may actually work out of the box on OSX, but there probably are small issues that have to be sorted out.

At the very least, gocryptfs has to be tested on OSX. As I do not have a Mac to test on, this would be an opportunity for somebody from the Mac community to step up. Please comment here if you are interested.

~/src/github.com/rfjakob/gocryptfs/test.bash

gocryptfs v0.9-rc1-2-g37a9b4c; on-disk format 2
?       github.com/rfjakob/gocryptfs    [no test files]
--- FAIL: TestDirOverwrite (0.00s)
    main_test.go:351: rename /tmp/gocryptfs_main_test/plain/DirOverwrite1 /tmp/gocryptfs_main_test/plain/DirOverwrite2: file exists
FAIL
FAIL    github.com/rfjakob/gocryptfs/integration_tests  2.070s
ok      github.com/rfjakob/gocryptfs/internal/configfile    0.796s
ok      github.com/rfjakob/gocryptfs/internal/contentenc    0.009s
ok      github.com/rfjakob/gocryptfs/internal/cryptocore    0.006s
?       github.com/rfjakob/gocryptfs/internal/fusefrontend  [no test files]
ok      github.com/rfjakob/gocryptfs/internal/nametransform 0.006s
?       github.com/rfjakob/gocryptfs/internal/toggledlog    [no test files]
ok      github.com/rfjakob/gocryptfs/openssl_benchmark  0.006s

I've also attached the test.bash -v output in case it is more helpful:
gocrypyptfs.txt

I'm running CentOS 7.2 3.10.0-327.4.5.el7.x86_64 .

Thank you

My current plan is to drop support for filesystems created by gocryptfs v0.6 and older in gocryptfs v1.0. This will get rid of a lot of compatibility code and keep the gocryptfs codebase clean and maintainable. Also, users of <= v0.6 filesystems are missing at least one security improvement (128 bit GCM IVs).

I have created a wiki page showing the compatibility matrix: https://github.com/rfjakob/gocryptfs/wiki/Compatibility

Opinions? Disagreement?

I started working on a PR, and noticed that Go lint gives lots of warnings.

Would you accept PRs to fix lint warnings, such as variable names & comments not matching Go standards?

After mounting, the filesystem works fine but the console occasionally prints this log message after mounting:

2016/01/03 22:24:25 Unimplemented opcode POLL

It would be nice if the process instead logged to a file - maybe gocryptfs.log next to gocryptfs.conf? Or perhaps not, since log messages might contain sensitive information and/or be trampled by simultaneous edits + remote sync services (Dropbox, etc).

How can I use this options on mount: -ko uid=$USER_ID,gid=$GROUP_ID,umask=$UMASK_PROP?
All files copied into plain will chown $USER_ID:$GROUP_ID and chmod using $UMASK_PROP in plain and cipher.

Is there any pam module to automount after login just like libpam-encfs ?

Overwriting a directory with another directory fails because gocryptfs.diriv is blocking the removal.

generic/023  - output mismatch (see /home/jakob/src/fuse-xfstests/results//generic/023.out.bad)
    --- tests/generic/023.out   2015-09-22 23:50:31.966720242 +0200
    +++ /home/jakob/src/fuse-xfstests/results//generic/023.out.bad  2015-12-11 22:52:25.679819307 +0100
    @@ -17,12 +17,12 @@
     samedir  dire/none -> none/dire.
     samedir  dire/regu -> Not a directory
     samedir  dire/symb -> Not a directory
    -samedir  dire/dire -> none/dire.
    +samedir  dire/dire -> Directory not empty
     samedir  dire/tree -> Directory not empty
     samedir  tree/none -> none/tree.
    (Run 'diff -u tests/generic/023.out /home/jakob/src/fuse-xfstests/results//generic/023.out.bad'  to see the entire diff)