Friday, 6 April 2012

How-to: Home Folder Encryption in Ubuntu

How paranoid are you about theft or the sensitivity of your personal and business data? You may want to consider encrypting your Home folder.

The Ubuntu 11.10 installer, offers to securely encrypt the Home folder; put the check in the box for this during the install.

On first login, you will be prompted for an encryption pass-phrase to your private home folder. You may as well allow the encrypt-fs software to generate your pass phrase, it will generate a strong pass phrase consisting of at least 32 uppercase and lowercase letters, numbers, white spaces and special characters.

Unlike ordinary passwords you will never enter it directly yourself; it generates a 128-bit (16 character) hash key. Store this in a safe and secure place it is the key to recovering the data from your home directory if you ever have to manually recover.

If you don't choose this option during Ubuntu 11.10 installation, you can easily do it later by installing ecryptfs-utils, which is in the Ubuntu Software Center or by running the terminal command

sudo apt-get install ecryptfs-utils

After installing this package you should be able to select “Encrypt Home Folder” from the right-click menu in Nautilus. The command

sudo ecryptfs-migrate-home -u USERNAME

will encrypt the home folder for the specified user-name. RC