Views:
6,986
Votes: 5
✅ Solution
Tag :
encryption
Link:
🔍 See Original Answer on Ask Ubuntu ⧉ 🔗
URL:
https://askubuntu.com/q/820651
Title:
How to add encryption after installation?
ID:
/2016/09/04/How-to-add-encryption-after-installation_
Created:
September 4, 2016
Edited: September 4, 2016
Upload:
December 22, 2024
Layout: post
TOC:
false
Navigation: false
Copy to clipboard: false
You can encrypt your data after installation even though you didn’t choose to encrypt it during installation.
To encrypt your entire /home directory and, all it’s sub-directories, such as Documents, Downloads, Music, etc. read this link: how-to-encrypt-your-home-folder-after-installing-ubuntu that explains how to encrypt /home after you’ve installed Ubuntu. There are plenty of screenshots and narrative walking you through the process.
To summarize the link what you need to do is:
- Backup your data. Although the migration process uses a working
backup you want your own just to be safe.
- Install the encryption software with `sudo apt-get install
ecryptfs-utils cryptsetup`.
- Create a temporary account with sudo privileges. In order to encrypt
your /home directory you can't be logged on as yourself.
- Login with temporary account.
- Migrate your data from unencrypted /home directory to an encrypted
/home directory using the command `sudo ecryptfs-migrate-home -u user` where "user" is your regular user name.
- Please note besides encrypting /home your swap partition can also be
encrypted for maximum protection.
- DO NOT REBOOT
- Login with your regular user name. A random passphrase can be
generated which you need to write down if something goes wrong in the future and you need to access /home folder manually.
Some people feel encrypting all of /home is overkill and can be too cumbersome when moving /home to another computer or different drive on the same computer. I tried encryption when I installed Ubuntu for the first time in 2014 but when I messed things up and had to reinstall Ubuntu I skipped the encryption option after reading problems other users encountered (although I never did have encryption problems).
If you don’t want to encrypt /home and all the sub-directories. You can have a single encrypted ~/.Private directory where you can keep certain files that need encryption such as “things I don’t want the NSA to know” or “wife’s surprise birthday party planning”. This is described here: EncryptedPrivateDirectory