It’s simple to encrypt your home folder and other data on Linux. You can do it during installation, or at anytime using your distro.
But while useful, encrypting your Linux data isn’t necessarily a good idea. Sure, it sounds safe, so how could Linux disk encryption be a bad idea? Let’s look at why you should encrypt your Linux HDD and why you might seek out an alternative.
Should You Encrypt Your Linux Partition?
Most Linux distributions make it easy to encrypt your home folder or even entire partitions, without many issues. This is a great option to have if you need your data to be encrypted. In most cases, all you need to do is check a box, and Linux will take care of the rest.
Unfortunately, some people select it simply because it sounds like a good option to have. While this is clearly true, they don’t think about (or may be unaware of) the consequences. Indeed, some people don’t even know what encryption really is. They just know it’s a security option. This disconnect between understanding the technology can lead to the benefits of disk encryption being overstated and the shortcomings ignored.
It’s smarter to be aware of all the facts before making a decision that irreversibly changes the contents of your hard disk drive.
Reasons to encrypt your Linux disk include:
- Protect personal data from loss or theft
- Prevent the theft of sensitive corporate data
- Block remote surveillance
- Protect sensitive data from third parties
Meanwhile, some negative consequences of disk encryption are:
- Making data recovery more difficult
- Making full system recovery almost impossible
- Hitting system performance
Want to know more? Let’s check all of these in more detail.
4 Reasons to Encrypt Your Linux Drive
We’ll start off with the immediate reasons to encrypt your Linux data. This might be specific files, one or more partitions, or even the entire drive.
1. Protect Personal Data From Loss or Theft
For standard users, especially laptop owners, this is the key point. You don’t want to risk personal data and potentially access to emails and cloud accounts, if your device is stolen.
Encrypting your hard disk will block access to these items. Whether files, partitions, or the full disk is encrypted, the contents will be meaningless to anyone without the encryption key.
2. Prevent Theft of Sensitive Corporate Data
Similarly, if you use your computer for work, encryption is a smart option. Whether a laptop computer or a desktop, the device should have encryption enabled. The industry you work in can influence how important this is (e.g. protecting patient data in healthcare).
However, it is smart to just use encryption across the board in the workplace. Protecting data from corporate espionage or whaling expeditions is smart.
3. Block Remote Surveillance
Full disk encryption of your Linux system can also frustrate remote surveillance. A hacker with access to your computer will not be able to read encrypted data. A government agency charged with monitoring your data will be unable to open your files.
4. Protect Sensitive Data From Third Parties
If you manage data for someone else (whether a client, or someone in danger), disk encryption is wise. It protects them from risk, while getting you off the hook if the data is lost or stolen.
Remember: if the data remains encrypted, it cannot be read. Beyond the astronomically unlikely chance that the encryption is broken, data should be secure.
3 Arguments Against Linux Disk Encryption
Disk encryption is a great idea, but be sure you know and understand the implications.
1. Disk Encryption Makes Recovering Data Harder
Encrypting your data seems like a smart option. Without decryption (linked to your account password), no one can access your data. Even if the device is stolen, your hard drive cannot be read without the decryption key.
But what if something in your system has screwed up? Whether it’s the operating system or another hardware component, you’ll probably want to move the data somewhere safe.
For unencrypted data this can be easily done by running (at the minimum) a Linux LiveCD on any other computer. Simply connect the hard drive to that computer and start moving your data.
But with encrypted data, it’s not as easy as that.
2. System Recovery Is Impossible With Disk Encryption
Meanwhile, if your entire Linux partition is encrypted it will be tougher recovering your system when needed. For example, if your system loses power at a critical point, you’ll need to run a recovery disc. It’s the only way to get things back to normal.
Performing recovery on an encrypted Linux system will be even harder. Without the decryption key, unless you have an unencrypted disk image, you’re on a hiding to nothing.
3. Encrypting Your Hard Drive Impacts Performance
Another item to note is that encryption may not be the best performance option for very low-powered devices. While plenty of devices are powerful enough to deal with encryption with negligible performance impact, older hardware is not.
Installing Linux on old netbooks and other low-power devices is fine. But do it without encryption. After all, netbooks are slow enough already. The idea is to be productive with these low-spec devices, rather than sit around waiting for them.
Linux Disk Encryption Is Your Shout
As always, what you end up doing is completely up to you. If you feel that you need to encrypt your entire home folder or even your whole partition, go ahead. So long as you’re aware of what might be facing you in the event of a problem.
On the other hand, if you prefer to leave your drive unencrypted and secure your data in other ways, you can. Just be confident your data is as secure as promised.
Decided to encrypt? Here’s how to encrypt your personal data on Linux.