Results 1 to 4 of 4

Thread: How-to: Enable encryption after you have installed

  1. #1
    Join Date
    May 2008
    Location
    United Kingdom
    Beans
    5,261
    Distro
    Ubuntu

    Post How-to: Enable encryption after you have installed

    IMPORTANT

    This thread has been moved to the Community Wiki. I shall no longer update this thread (although you are welcome to post queries here); I shall update the Wiki instead.

    A thread for discussion of the wiki page only can be found here http://ubuntuforums.org/showthread.p...1#post12062071

    Thread closed.

    __________________________________________________

    Normally, if you want to have encrypted data (a.k.a. an encrypted home folder), you specify this when you install or when you create a new user.

    But what happens if you decide only afterwards that you want to encrypt your data?

    Here is how to do so. This will encrypt a single user; if you wish to encrypt every user, you need to repeat the how-to for each one.
    __________________________________________________

    DISCLAIMERS & WARNINGS

    • I tested this on Ubuntu Precise 12.04. I do not know whether or not it will work on other distributions.




    • You may want to print this post in case it doesn't work, so you can recover (Test your New Login; and Finalise, below).

    __________________________________________________

    PREPARATION

    1. Check your wallpaper. Due to an existing bug, you will be unable to log in with encrypted folders if your wallpaper is in an encrypted area. So, either:
      • Change your wallpaper to one of the standard ones; or
      • Move your wallpaper to /usr/share/backgrounds and then set your wallpaper to it over there.

    2. This procedure is safe as it creates an encrypted copy of your folder, which means you need sufficient space on your drive to duplicate everything you have! If you don't, you need to back up your big data (e.g. movies); delete that data; run through this how-to; and restore your deleted data. (Having said that, I always recommend a full backup anyway in case of unexpected problems.)
    3. This process uses the Terminal and the Recovery Mode. If you don't know how to use them, please find out before proceeding.
    4. Install ecryptfs-utils. You may use Ubuntu Software Centre or, if you prefer, your favourite package manager, or enter the command:
      Code:
      sudo apt-get install ecryptfs-utils

    __________________________________________________

    HOW TO ENCRYPT YOUR FOLDER

    In this how-to, I've used my user name paddy. Please replace it with your user name.

    1. Reboot into Recovery Mode.
    2. Drop to root shell prompt.
    3. Fix existing 12.04 bugs as follows:
      Code:
      mount --options remount,rw /
      mount --all
    4. Encrypt your folder. It prompts you for your password, runs, then gives you some warnings. I'll talk about the warnings in the next step.
      Code:
      ecryptfs-migrate-home --user paddy
    5. In the warnings, note the name of the temporary folder that is shown on your screen. It will look something like /home/paddy.ChPzzxqD. The last 8 characters will be random; we will call these eight characters your random characters.
    6. Ignore the rest of the warnings.
    7. Reboot with the following command (it may take several seconds to get going; be patient).
      Code:
      reboot now

    __________________________________________________


    TEST YOUR NEW LOGIN; AND FINALISE

    Log in normally. Check that everything seems to work properly.

    Did it work?

    • Yes, it worked:
      1. Open a terminal and enter the following command. Replace my random characters with yours (as noted in How to Encrypt Your Folder above, step 5).
        Code:
        sudo rm -R /home/paddy.ChPzzxqD
      2. Restore any data, if you deleted some to make space (Preparation above, step 2).
      3. Set up encrypted swap space, as follows. Note: This step needs to be done only once; if you already have an encrypted user, you can skip this step.
        Code:
        sudo ecryptfs-setup-swap
      4. Reboot.



    • No, it didn't work:
      1. Repeat How to Encrypt Your Folder above, steps 1-3.
      2. Check that your random-name folder really is there with the following command; you should not see an error:
        Code:
        ls -l /home/paddy.ChPzzxqD
      3. Type the following commands. Ensure you replace paddy and the random characters.
        Code:
        cd /home
        rm -R  paddy  .ecryptfs/paddy
        mv  paddy.ChPzzxqD  paddy
      4. Reboot.
        Code:
        reboot now
      5. Restore any data, if you deleted some to make space (Preparation above, step 2).

    Last edited by nothingspecial; June 29th, 2012 at 09:18 AM.
    Always make regular backups of your data (and test them).
    Visit Full Circle Magazine for beginners and seasoned Linux enthusiasts.

  2. #2
    Join Date
    Mar 2007
    Location
    Denver, CO
    Beans
    7,958
    Distro
    Ubuntu Mate 16.04 Xenial Xerus

    Re: How-to: Enable encryption after you have installed

    This thread is awesome, however I dont believe it belongs in the General Help section.

  3. #3
    Join Date
    May 2008
    Location
    United Kingdom
    Beans
    5,261
    Distro
    Ubuntu

    Re: How-to: Enable encryption after you have installed

    Quote Originally Posted by kevdog View Post
    This thread is awesome, however I dont believe it belongs in the General Help section.
    Thank you.

    Where would the thread belong? Perhaps a moderator can move it to the right place.
    Always make regular backups of your data (and test them).
    Visit Full Circle Magazine for beginners and seasoned Linux enthusiasts.

  4. #4
    Join Date
    Jan 2008
    Location
    Manchester UK
    Beans
    13,573
    Distro
    Ubuntu

    Re: How-to: Enable encryption after you have installed

    This thread is closed.

    The information is now held on the community wiki at https://help.ubuntu.com/community/Po...tionEncryption

    Thank you for your thread and the work you have done in keeping it current and of use to the community.

    A thread for discussion of the wiki can be found at http://ubuntuforums.org/showthread.php?t=2012410


    Support threads regarding the wiki and it's content should be created in a suitable forum.

Tags for this Thread

Bookmarks

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •