Results 1 to 10 of 14

Thread: remove home dir encryption?

Hybrid View

  1. #1
    Join Date
    Oct 2006
    Beans
    4,627
    Distro
    Kubuntu 17.04 Zesty Zapus

    Re: remove home dir encryption?

    Code:
    ecryptfs-setup-private --undo
    will tell you what you need to do.
    Blog | Ubuntu User #15350 | Zsh FTW | Ubuntu Security | Nothing to hide?
    AMD Phenom II X6 1075T @ 3GHz, Nvidia GTX 650, 8GB DDR3 RAM, 1 X 1TB, 2 X 3TB HDD
    Please don't request support via PM


  2. #2

    Re: remove home dir encryption?

    FuturePilot, thank you for your reply. That command is for removing the ~/.Private ecryptfs mounted directory. I would like to remove the encryption on my $HOME dir itself, which I (rashly) chose during install.

    One option may be to backup the home directory contents (in non-encrypted form), delete the user (and home dir), then create a new user without the encrypted home dir.

    Is that the only way?

  3. #3
    Join Date
    Oct 2006
    Beans
    4,627
    Distro
    Kubuntu 17.04 Zesty Zapus

    Re: remove home dir encryption?

    Quote Originally Posted by nyhm View Post
    FuturePilot, thank you for your reply. That command is for removing the ~/.Private ecryptfs mounted directory. I would like to remove the encryption on my $HOME dir itself, which I (rashly) chose during install.

    One option may be to backup the home directory contents (in non-encrypted form), delete the user (and home dir), then create a new user without the encrypted home dir.

    Is that the only way?
    It works the same way for an encrypted $HOME. Just apply the instructions but use your $HOME directory instead of Private.

    Basically, backup your data, unmount your encrypted home, make your home directory writable, and then delete /home/.ecryptfs/$USER (if you're the only user with an encrypted home, you can probably just delete the whole /home/.ecryptfs), restore your data back to /home/$USER.
    Blog | Ubuntu User #15350 | Zsh FTW | Ubuntu Security | Nothing to hide?
    AMD Phenom II X6 1075T @ 3GHz, Nvidia GTX 650, 8GB DDR3 RAM, 1 X 1TB, 2 X 3TB HDD
    Please don't request support via PM


  4. #4

    Re: remove home dir encryption?

    Oh, nice! Thanks for the clarification. I expected there to be something to configure with the login system. Does login simply skip the ecryptfs-mount step if there is no /home/.ecryptfs/$USER dir?
    Last edited by nyhm; December 8th, 2009 at 06:15 AM.

  5. #5
    Join Date
    Oct 2006
    Beans
    4,627
    Distro
    Kubuntu 17.04 Zesty Zapus

    Re: remove home dir encryption?

    Quote Originally Posted by nyhm View Post
    Oh, nice! Thanks for the clarification. I expected there to be something to configure with the login system. Does login simply skip the ecryptfs-mount step if there is no /home/.ecryptfs/$USER dir?
    Yes. You don't need to modify anything with the login system.
    Blog | Ubuntu User #15350 | Zsh FTW | Ubuntu Security | Nothing to hide?
    AMD Phenom II X6 1075T @ 3GHz, Nvidia GTX 650, 8GB DDR3 RAM, 1 X 1TB, 2 X 3TB HDD
    Please don't request support via PM


  6. #6
    Join Date
    Mar 2009
    Location
    USA
    Beans
    538

    Re: remove home dir encryption?

    Does anyone have a source of UPDATED documentation on ecryptfs only for 9.10? I'm finding all the old information confusing and actually quite dangerous since it doesn't always apply or isn't even always necessary to do what is suggested.

    I'd like to be able to read up on things, answer some of my own questions, and generally understand what is going on with the encryption more.

    Apologies for adding this to the thread but it is somewhat related (people ask these questions in part due to the lack of recent accessible documentation) and I didn't want to start yet another thread. Thanks.
    100% Microsoft Free Since April 2, 2009

  7. #7

    Re: remove home dir encryption?

    I second that request (but have nothing further to add).

  8. #8

    Re: remove home dir encryption?

    Quote Originally Posted by FuturePilot View Post
    Code:
    ecryptfs-setup-private --undo
    will tell you what you need to do.
    Wow - that was harrowing, but I think I did it! Many thanks to FuturePilot (et al.).

    Disclaimer: Don't blame me if you lose your home dir.

    Here's what I did to remove my home dir encryption (suppose abc is my username, and xyz is another created in this process):

    1. While logged in as abc, close all applications and backup home dir to another location (I used tar and made sure to exclude .Private and .ecryptfs)
    2. Create another user (xyz) with "Administer the system" privileges
    3. Log out abc, log in as xyz
    4. Use sudo to remove all files (including hidden) found in /home/abc
    5. Use sudo to remove /home/.ecryptfs/abc
    6. Use sudo to restore /home/abc contents (e.g., from tar file)
    7. Optional: sudo chmod go+rX /home/abc

    In summary, and in conclusion, I was really impressed with Ubuntu 9.10's automatic and painless setup of an encrypted home dir. However, I encountered too many pitfalls (to be documented elsewhere) for my personal use cases.

    As a followup, I will attempt to use ecryptfs-setup-private to create a similarly encrypted .Private dir within my home dir, into which I can place/symlink specific files...

Bookmarks

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •