## <> ## <> ## <> ||<>|| = Post Installation Encryption = Normally, if you want to have encrypted data (a.k.a. an encrypted home folder), you specify this when you install or when you create a new user. But what happens if you decide only afterwards that you want to encrypt your data? Here is how to do so. This will encrypt a single user; if you wish to encrypt several users, you need to repeat the how-to for each one. == Disclaimers & Warnings == * These instructions have only been tested on Ubuntu 12.04. Do not assume they will work on other distributions. * Enabling encryption will disable hibernation but you can re-enable it afterwards by following the instructions given in [[EnableHibernateWithEncryptedSwap|Enable Hibernation with Encryption]] on this wiki. * You may want to print this page in case it doesn't work, so you can recover ([[PostInstallationEncryption#Test_New_Login_And_Finalize|Test New Login and Finalize]], below). == Preparation == 1. Check your '''wallpaper'''. Due to [[https://bugs.launchpad.net/ubuntu-tweak/+bug/888186| an existing bug]], you will be unable to log in with encrypted folders if your wallpaper is in an encrypted area. So, either: 1. Change your wallpaper to one of the standard ones; or <
> 1. Move your wallpaper to `/usr/share/backgrounds` and then set your wallpaper to it over there. 1. This procedure is safe as it creates an encrypted copy of your folder, which means '''you need sufficient space''' on your drive to duplicate everything you have! If you don't, you need to '''back up''' your big data (e.g. movies); '''delete''' that data; run through this how-to; and '''restore''' your deleted data. (Having said that, I always recommend a '''full backup''' anyway in case of unexpected problems.) 1. This process uses the '''Terminal''' and the '''Recovery Mode'''. If you don't know how to use them, please find out before proceeding. 1. Install '''ecryptfs-utils'''. You may use Ubuntu Software Center or, if you prefer, your favourite package manager, or enter the command:{{{ sudo apt-get install ecryptfs-utils }}} == Encrypt The Folder == This tutorial will use the name '''zaphod''' for the user name. Please replace it with your user name. 1. Reboot into Recovery Mode. 1. Drop to root shell prompt. 1. Fix existing 12.04 bugs as follows:{{{ mount --options remount,rw / mount --all }}} 1. Encrypt your folder. It prompts you for your password, runs, then gives you some warnings. I'll talk about the warnings in the next step.{{{ ecryptfs-migrate-home --user zaphod }}} 1. In the warnings, note the name of the temporary folder that is shown on your screen. It will look something like `/home/zaphod.ChPzzxqD`. The last 8 characters will be random; we will call these eight characters your '''random characters'''. 1. Ignore the rest of the warnings. 1. Reboot with the following command (it may take several seconds to get going; be patient).{{{ reboot now }}} == Test New Login And Finalize == Log in normally. Check that everything seems to work properly. Did it work? === Yes, it worked: === 1. Open a terminal and enter the following command. Replace `zaphod` and the random characters with yours (as noted in [[PostInstallationEncryption#Encrypt_The_Folder|Encrypt The Folder]] above, step 5).{{{ sudo rm -R /home/zaphod.ChPzzxqD }}} 1. Restore any data, if you deleted some to make space ([[PostInstallationEncryption#Preparation|Preparation]] above, step 2). 1. Set up encrypted swap space, as follows. Note: This needs to be done only once; if you already have an encrypted user, you can skip this step.{{{ sudo ecryptfs-setup-swap }}} 1. Reboot. === No, it didn't work: === 1. Repeat [[PostInstallationEncryption#Encrypt_The_Folder|Encrypt The Folder]] above, steps 1-3. 1. Check that your random-name folder really is there with the following command; you should '''not''' see an error (ensure you replace `zaphod` and the random characters):{{{ ls -l /home/zaphod.ChPzzxqD }}} 1. Type the following commands. Ensure you replace `zaphod` and the random characters.{{{ cd /home rm -R zaphod .ecryptfs/zaphod mv zaphod.ChPzzxqD zaphod }}} 1. Reboot.{{{ reboot now }}} 1. Restore any data, if you deleted some to make space ([[PostInstallationEncryption#Preparation|Preparation]] above, step 2). ---- Originally posted [[http://ubuntuforums.org/showthread.php?t=1987630|The Ubuntu Forums (ubuntuforums.org)]]