HOW TO: Encrypt /home and swap with ecryptfs in LMDE

Archived topics about LMDE 1 and LMDE 2
Level 1
Level 1
Posts: 7
Joined: Tue Jun 15, 2010 10:39 pm

HOW TO: Encrypt /home and swap with ecryptfs in LMDE

Post by kirmonkey »

Just a short tutorial here for those of you using LMDE who want to have an encrypted /home and swap without the bother of LVM or boot-time passwords.

One situation this may be useful for is if you install a laptop tracker such as Prey which depends on a thief being able to login to your stolen laptop as guest to trigger the tracking and picture capture capabilities.

In Ubuntu and Mint this is done with ecryptfs (note the lack of an 'n' in the name) and I have been successful doing this in LMDE on a fresh install.


Have 2, yes 2, backups of your data before you try this - I chose to do this on a fresh install for space reasons. I then restored all my data from my 1st backup. My data is secure and I have a chance of recovering my stolen laptop in the future.

1. Install ecryptfs:

Code: Select all

sudo apt-get install ecryptfs-utils
2. logout
3. ctrl+alt+f4 to switch to a virtual terminal
4. at the prompt login as 'root' and enter your user password

Code: Select all

ecryptfs-migrate-home -u USER
- where USER is the username you want to migrate to an encrypted home
6. Read the warnings and follow the instructions
7. For your swap partition (optional)

Code: Select all

8. ctrl+alt+f7 to retrun to your graphical environment
9. login (hopefully)
10. To test I booted up a live disto and attempted to read my home directory - just dead links to two documents about encryption

The utility creates a backup of your data in the /home directory - you can remove this when you are sure all your data are there (space could be an issue for this if you choose not to do this with a fresh install)

Here are some useful links:

Prey laptop tracker:
Ecryptfs homepage
Ecryptfs goodness ... yptfs.html - With thanks

Comments, corrections and criticism welcome...

The Monkey
Level 3
Level 3
Posts: 163
Joined: Sat Sep 11, 2010 9:32 pm

Re: HOW TO: Encrypt /home and swap with ecryptfs in LMDE

Post by michaelzap »

Thanks for the tutorial. I also had to modprobe ecryptfs and add it to /etc/modules so that it would always run. Might want to add that.

Return to “LMDE Archive”