Imagine this: it’s a great day, you’re busy working on your computer at some event, and everything seems fine. After a while you get tired and decide to get something to eat and shut down your laptop. Although it’s not supposed to happen, someone steals it while you’re gone.
At this point you freak out because your life information is on that machine, including banking data, emails, and anything else that could be considered sensitive data. Now your wonderful day has turned into a nightmare. Of course you can do things to minimize the damage that results from a stolen laptop, or you can be proactive and encrypt your information for exactly these kinds of situations.
Encrypt During Installation If Possible
If you were smart enough, you could’ve encrypted your home folder (which basically contains all of your personal data, as literally every other main system folder contains system data, not personal data) when you first installed Ubuntu onto your system. But I guess you simply chose not to (or in my case, I somehow had some issues with it). However, it’s never too late to do it now before something happens to it.
Before You Begin
Encrypting your home folder is actually a lot easier than it may sound. It only requires a few steps and a little amount of your time. Before we begin, make sure that you have a backup available of your entire home folder at another location, just in case the encryption process goes haywire for whatever reason.
The first thing you’ll want to do is open your terminal and issue this command:
sudo apt-get install ecryptfs-utils
which will install the necessary files needed to carry out the encryption process.
In order to avoid any problems with encrypting a user’s home folder while you’re still logged into that user, it’s best to create a new user with administrative rights temporarily, or if you already have a second user account with administrative rights, you can use that instead. You can then log into that new account.
Next, in order to actually encrypt the home folder, you’ll need to run
sudo ecryptfs-migrate-home –u “username”
where “username” is the username of the user’s home folder that you want to encrypt.
Once that is done, you’ll need to log back into the original user’s account and complete the encryption process by following the instructions presented to you to add a password to the newly encrypted folder. If that doesn’t appear, you can type into your terminal
to add one yourself. Once that completes, you can delete the temporary account you created, and reboot your system. Your home folder should now be encrypted and safe from anyone who doesn’t know your password!
If you really want to test it out, you can always grab a Live CD and see if you can surf around inside the home folder. Usually you can’t because of file permissions, but it’s always still possible to change the permissions with a Live CD as long as it’s not encrypted. If it’s not possible to do even that, then I’d say that the successful encryption has been confirmed.
Encryption is actually much more important than a lot of people believe. It’s great that such tools exist for Linux, as well as other operating systems with tools such as TrueCrypt. Hopefully they can be adopted by more people as they don’t bring any noticeable performance issues.
What do you think of encryption? Is it necessary or not? How do you do it? Let us know in the comments!