HOW TO: Encrypt /home and swap with ecryptfs in LMDE

Write tutorials and howtos in here
More tutorials here http://community.linuxmint.com/tutorial/welcome
Forum rules
Do not start a support topic here please, Before you post please read this

HOW TO: Encrypt /home and swap with ecryptfs in LMDE

Postby kirmonkey on Sun Jan 27, 2013 1:21 pm

Just a short tutorial here for those of you using LMDE who want to have an encrypted /home and swap without the bother of LVM or boot-time passwords.

One situation this may be useful for is if you install a laptop tracker such as Prey http://preyproject.com/ which depends on a thief being able to login to your stolen laptop as guest to trigger the tracking and picture capture capabilities.

In Ubuntu and Mint this is done with ecryptfs (note the lack of an 'n' in the name) and I have been successful doing this in LMDE on a fresh install.

WARNING WARNING WARNING

Have 2, yes 2, backups of your data before you try this - I chose to do this on a fresh install for space reasons. I then restored all my data from my 1st backup. My data is secure and I have a chance of recovering my stolen laptop in the future.


1. Install ecryptfs:
Code: Select all
sudo apt-get install ecryptfs-utils

2. logout
3. ctrl+alt+f4 to switch to a virtual terminal
4. at the prompt login as 'root' and enter your user password
5.
Code: Select all
ecryptfs-migrate-home -u USER
- where USER is the username you want to migrate to an encrypted home
6. Read the warnings and follow the instructions
7. For your swap partition (optional)
Code: Select all
ecryptfs-setup-swap

8. ctrl+alt+f7 to retrun to your graphical environment
9. login (hopefully)
10. To test I booted up a live disto and attempted to read my home directory - just dead links to two documents about encryption

The utility creates a backup of your data in the /home directory - you can remove this when you are sure all your data are there (space could be an issue for this if you choose not to do this with a fresh install)

Here are some useful links:

Prey laptop tracker: http://preyproject.com/
Ecryptfs homepage http://ecryptfs.org/
Ecryptfs goodness http://blog.dustinkirkland.com/2011/02/long-overdue-introduction-ecryptfs.html - With thanks


Comments, corrections and criticism welcome...

The Monkey
kirmonkey
Level 1
Level 1
 
Posts: 9
Joined: Tue Jun 15, 2010 10:39 pm

Linux Mint is funded by ads and donations.
 

Re: HOW TO: Encrypt /home and swap with ecryptfs in LMDE

Postby michaelzap on Tue Feb 19, 2013 9:25 pm

Thanks for the tutorial. I also had to modprobe ecryptfs and add it to /etc/modules so that it would always run. Might want to add that.
michaelzap
Level 3
Level 3
 
Posts: 156
Joined: Sat Sep 11, 2010 9:32 pm


Return to Tutorials / Howtos

Who is online

Users browsing this forum: No registered users and 3 guests