This should be a no-brainer for anyone carrying anything important around on a laptop.
IMHO, relying on a user password (like a login password) is not a great idea, since anyone with physical access to the disk can get to your data easily. OTOH, using disk encryption seems like overkill – since if [...]

Thunderbird email (where IMAP or POP) still downloads the subject lines (at minimum) into a local database. This is a potential security threat if the laptop falls into unfriendly hands.
Solution : Move local data store into a directory protected by EncFS
The following assumes that you can find the data store under the server [...]

So that I could continue developing the ‘Trading Account Management’ system while on the road, the installation of lighttpd/database had to be secured. In particular, sqlite had to be used rather than mysql, since the data in the database itself was critical to the business (and there was no time to conjure up ‘fake [...]

Quick script for a laptop – to protect data (somehow this has never occurred to anyone the UK government employs…) :
#!/bin/bash
DIALOGTEXT=”Enter the Fieldstone EncFS Password”
encfs \
-o allow_other \
–extpass=”zenity –title ‘EncFS Password’ –entry –hide-text –text ‘$DIALOGTEXT’” \
~/.Fieldstone.encfs/ ~/Fieldstone/
This can be paired with an un-mounter :
#!/bin/bash
fusermount -u Fieldstone

Back-up the server onto an insecure host
#! /usr/bin/perl -wuse strict;
my $home=’/home/whatever’;
if(1) { # Mount the server directory on the encfs mount-point system(qq(mkdir -p $home/server-enc/));
# The -S option is to read the password from stdin # The mount options passed include ‘read-only’ my $encfs_config=qq(ENCFS6_CONFIG=$home/server_dot-encfs6.xml);
# Store the encfs password locally – so it doesn’t [...]

To get this installed with ‘useraccount’ having the rights to use the
fuse
system, as root do :
# yum install encfs# /usr/sbin/groupadd -r fuse# /usr/sbin/usermod -a -G fuse useraccount
# Restart X11 – to get the groups right
Now, as your regular user account (’useraccount’ from above) :
$ encfs ~/.Fieldstone-Secure.encfs ~/Fieldstone-Secure
# If file doesn’t exist initially, [...]