Saturday, August 11, 2012

HOWTO : Encrypt the Home Directory in Ubuntu

You may want to encrypt the home working directory or any user's working home directory if you have not been set it up during the installation of Ubuntu.

Step 1 :

sudo apt-get install ecryptfs-utils

Step 2 :

adduser tempuser admin

Logout and re-login as tempuser.

Step 3 :

sudo ecryptfs-migrate-home -u samiux

Logout and re-login as samiux. But DO NOT reboot your system.

If you are not asking for the "Passphrase", you should enter the following command :

sudo ecryptfs-add-passphrase

Step 4 (Optional) :

You can check the Passphrase at any time by the following command :

sudo ecryptfs-unwrap-passphrase

Save the "Passphrase" somewhere and keep it safe for manual recovery.

Step 5 (Optional) :

I suggest you to encrypt the swap too.

sudo ecryptfs-setup-swap

Step 6 :

Then, if everything is working fine, you can delete the ramdonized file and delete the tempuser.

sudo rm -rf /home/samiux.*
sudo deluser --remove-home tempuser

That's all! See you.