We introduced Encrypted Private Directories in the Ubuntu 8.10 release, using eCryptfs (an enterprise cryptographic filesystem in the Linux kernel) on $HOME/Private. This release helped "prove" eCryptfs, and helped us identify and fix a number of issues. This new approach to encrypted private data in Ubuntu provided a safe folder where users could store confidential information, automatically mounted at login, and unmounted at logout.
In Ubuntu 9.04, we retained the Encrypted Private Directory feature, but additionally offered Encrypted Home Directories to advanced users, through the alternate installer and a special boot parameter. This release generated quite a bit of interest in the feature and a healthy user community. Many, many thanks to the Ubuntu users and developers who used this feature, helping to file and fix bugs along the way.
So far in Ubuntu 9.10, we have:
- fixed a number of bugs and usability issues (changelog)
- provided AppArmor rules
- enabled the shell scripts for localization/translations
- and most importantly, set up encrypted swap in the installer if you enable home directory encryption
I believe Ubuntu now provides the most user-friendly personal data encryption solution in the industry.
So secure your data in Ubuntu! Get those Karmic home directories encrypted!
p.s. I authored an article for Linux Magazine that should be published in an upcoming issue discussing the technology in much greater detail. Stay tuned!