From the Canyon Edge -- :-Dustin

Saturday, September 5, 2009

Encrypted $HOME Now Offerred at Installation

I'm pleased to announce that the Ubuntu Karmic Alpha5 image now offers home directory encryption as an option to all installing users!

We introduced Encrypted Private Directories in the Ubuntu 8.10 release, using eCryptfs (an enterprise cryptographic filesystem in the Linux kernel) on $HOME/Private. This release helped "prove" eCryptfs, and helped us identify and fix a number of issues. This new approach to encrypted private data in Ubuntu provided a safe folder where users could store confidential information, automatically mounted at login, and unmounted at logout.

In Ubuntu 9.04, we retained the Encrypted Private Directory feature, but additionally offered Encrypted Home Directories to advanced users, through the alternate installer and a special boot parameter. This release generated quite a bit of interest in the feature and a healthy user community. Many, many thanks to the Ubuntu users and developers who used this feature, helping to file and fix bugs along the way.

So far in Ubuntu 9.10, we have:

  • fixed a number of bugs and usability issues (changelog)

  • provided AppArmor rules

  • enabled the shell scripts for localization/translations

  • and most importantly, set up encrypted swap in the installer if you enable home directory encryption

I believe Ubuntu now provides the most user-friendly personal data encryption solution in the industry.

So secure your data in Ubuntu! Get those Karmic home directories encrypted!


p.s. I authored an article for Linux Magazine that should be published in an upcoming issue discussing the technology in much greater detail. Stay tuned!