How To Encrypt Ubuntu Home Folder From Command Line Using eCryptfs

Advertisement

Drive encryption is meant to secure your hard drive in case your computer is stolen or compromised with critical information in it, such as bank account credentials, credit card or social security number. During the installation of Ubuntu 11.10 Oneiric Ocelot, an option is provided to encrypt the Home folder to secure your files and folders. In case you haven’t selected this option during installation, you can easily do it using the ecryptfs-utils command line. eCryptfs is a cryptographic stacked Linux file system, which stores cryptographic metadata in the header of written files, to allow encrypted files to be copied between hosts. The file is then decrypted using the proper key in the Linux kernel keyring.

To encrypt your Home folder, open a Terminal window and install ecryptfs-utils command line by entering the below command:

sudo apt-get install ecryptfs-utils

Now, encrypt the Home directory of a user by using this command. Make sure that you replace the word “username” with the name of the user for which you wish to encrypt the Home folder (as shown in the screenshot below).

sudo ecryptfs-migrate-home –u “username”

Ubuntu 11

Note: Make a complete backup copy of the non-encrypted data to another system or external media. This is to ensure that in case of an error, you can avoid data loss by reverting the changes.

Once you have entered the above command, you will require logging into the respective user account prior to a system reboot, in order to complete the encryption process. After you login, a new window ill pop-up, click Run this action now.

RUn This Action

This will open a Terminal window, where you will require entering your password, after which a passphrase for your Home directory will appear. Make sure that you save it. In case you forget the passphrase, it can be recovered by entering the following command in Terminal.

ecryptfs-unwrap-passphrase

If you would like to find encryption instructions for your Dropbox account, then check out our post here.

Advertisement
  • Donald Flood

    Tried out the commands in the article and everything appears to have worked fine; however, I now have two directories in my ‘home’ folder — home/user & home/user.j7TlOp83, which appears to contain my original (perhaps unencrypted?) home directory.  Is it safe to delete this directory?  Is it unencrypted data?