Why is /home/myusername not fully encrypted, and why is a separate directory created?

Asked by Mikko Ohtamaa

I just read this blog about the upcoming encryption feature of Ubuntu:

http://dustinkirkland.wordpress.com/2008/10/03/whats-in-my-encrypted-private-directory/

Looks like the encrypted folder is kept separately from the user home folder. You need to manually symlink all folders you want to protect under the encryption directory tree. Is there some technical reason why we cannot encrypt /home/username altogether?

- The end user cannot create symlinks

- The data is not protected by default -> bad -> this must be very carefully told to the end users when you advertise this feature

- When you install new software which creates security sensitive settings (e.g. browser's passwords) you need to remember to do the symlinking

OSX creates encrypted /home/username directories with its corresponding application. It is also possible to create encrypted home folders in Linux with some cryptsetup and dmsetup magic (http://blog.gnist.org/article.php?story=EncryptedSwapAndHomeUbuntu), so I'd like to know why Ubuntu chose this approach?

Question information

Language: English
Status: Solved
For: Ubuntu ecryptfs-utils
Assignee: No assignee
Solved by: Gord Allott

Best answer: Gord Allott (gordallott) said :
#1

There are various problems that arise from encrypting all of your home directory, such as not being able to log in via public key ssh and that you need access to a key signature that's not encrypted to even mount the encrypted directory. You can read more about it here: https://wiki.ubuntu.com/EncryptedPrivateDirectory#Design

I think the general idea is to have a way to easily encrypt your sensitive data without having to go down the full-blown route of encrypting everything.

Mikko Ohtamaa (mikko-red-innovation) said :
#2

That explained it very well - thank you very much! It is clearly a server side feature. I hope this is clearly advertised as a server feature, since this opt-in file system security is very dangerous for average Joe laptop users.

Mikko Ohtamaa (mikko-red-innovation) said :
#3

Thanks Gord Allott, that solved my question.
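
The opt-in design discussed in this thread means anything not moved into the encrypted directory and symlinked back stays in cleartext. The following audit sketch is an added example, not part of the original thread or of ecryptfs-utils; it assumes the encrypted directory is mounted at `Private` under the home directory, and the candidate path list and the names `unprotected_paths` and `demo` are illustrative.

```shell
#!/bin/sh
# Added example: report which sensitive paths in a home directory are NOT
# stored inside the encrypted Private directory (assumed mount point).

# unprotected_paths HOME_DIR PRIVATE_DIR REL_PATH...
# Prints every existing REL_PATH whose symlink-resolved location lies
# outside PRIVATE_DIR, i.e. data that was never moved and symlinked.
unprotected_paths() {
    home=$1; private=$2; shift 2
    private_real=$(readlink -f "$private") || return 2
    for rel in "$@"; do
        p="$home/$rel"
        [ -e "$p" ] || continue              # absent: nothing to protect yet
        real=$(readlink -f "$p") || continue
        case "$real" in
            "$private_real"|"$private_real"/*) ;;   # lives inside Private
            *) printf '%s\n' "$rel" ;;               # still in cleartext
        esac
    done
}

# Constructed demo on a throwaway directory tree (not a real home):
# .mozilla has been moved into Private and symlinked, .gnupg and .ssh
# have not, and .purple does not exist.
demo() {
    d=$(mktemp -d) || return 1
    mkdir -p "$d/Private/.mozilla" "$d/.gnupg" "$d/.ssh"
    ln -s "$d/Private/.mozilla" "$d/.mozilla"
    unprotected_paths "$d" "$d/Private" .mozilla .gnupg .ssh .purple
    rm -rf "$d"
}

demo
```

Run against a real account as `unprotected_paths "$HOME" "$HOME/Private" .mozilla .gnupg .ssh`. A hit on `.ssh` is expected where public key ssh login is needed, for the reason given in the answer above.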