Encrypted swap and encrypted home directory support in the desktop CD installer.

Evan Dandrea evand at ubuntu.com
Sun Aug 23 15:07:07 BST 2009

As of the latest daily-live CDs [1], we have support in the desktop CD
installer for encrypting swap (via ecryptfs utils) automatically when
the user selects the "encrypt my home directory" option.  Given that
this was the blocker for making the encrypted home directory option
visible in the installer last cycle (it's currently hidden and has to
be enabled by hand), I was wondering if you guys could take a look at
the state of this option once more?  Ideally, I'd like to be able to
make the encrypted home directory option visible, but leave the
default option as "require my password to log in".

To test encrypt swap and encrypted home, select your language at the
CD boot prompt, hit F6 to bring up the extra options menu, then escape
to hide the menu.  You should see the kernel command line string that
will be used.  Type user-setup/encrypt-home=true just before the
double hash, leaving a space between it and the other options, then
hit enter.  If you typed it correctly, when you get to the "Who are
you?" page of the installer, you should see an option for "require my
password to log in and decrypt my home directory".  This should be
selected by default, so once you proceed with the install you should
have encrypted swap and an encrypted home directory at the first boot.


1: http://cdimage.ubuntu.com/daily-live/current/

More information about the Ubuntu-installer mailing list