[ubuntu-florida] Fwd: Attention Encrypted Home Users...

Dan Trevino dantrevino at gmail.com
Sat Feb 27 21:04:05 GMT 2010

FYI ... If you use encrypted home directories, please read ...

---------- Forwarded message ----------
From: Dustin Kirkland <kirkland at ubuntu.com>
Date: Fri, Feb 26, 2010 at 6:07 PM
Subject: Attention Encrypted Home Users...
To: ubuntu-users <ubuntu-users at lists.ubuntu.com>, Ubuntu Developers
<ubuntu-devel at lists.ubuntu.com>, ecryptfs-users at lists.launchpad.net,
ecryptfs-devel <ecryptfs-devel at lists.sourceforge.net>

We're rapidly pushing toward an excellent Ubuntu 10.04 LTS release,
and we have made a few improvements in the way your Encrypted Home's
metadata is stored.

If you configured your Encrypted Home with Ubuntu 9.10 (Karmic) or
Ubuntu 10.04 (Lucid), then no action is required, -- you may stop
reading here.

If you're not sure, and you want to check if you need to read this
email, take a look at your /var/lib/ecryptfs directory. If that
directory is empty, or it does not exist, you may stop reading here.
If that directory has contents, then you may want to continue

Ubuntu 9.04 (Jaunty) Encrypted Home installations stored eCryptfs
metadata in /var/lib/ecryptfs/$USER. This information is absolutely
required to mount your Encrypted Home Directory. Actually, everything
in here can be re-created if you wrote down your randomly generated
mount passphrase!  Please be absolutely certain that you have recorded
your mount passphrase, on a piece of paper, stored somewhere safely,
separate from your computer!  You can retrieve your randomly generated
passphrase by running the ecryptfs-unwrap-passphrase utility.  Oh, and
don't just copy wrapped-passphrase to your $HOME directory and expect
that to be sufficient.  This is effectively locking your keys in your
car (and your car is an armored vehicle).

For Ubuntu 9.10 (Karmic), new installs actually put this metadata in
/home/.ecryptfs/$USER. This is far more convenient for users who put
all of /home on its own partition, or for users who just simply backup
all of /home.

I've previously written about how to move your metadata out of
/var/lib/ecryptfs. Particularly if you're planning a Lucid upgrade of
a system that was originally installed with Jaunty's Encrypted Home
Directory, I strongly recommend that you follow these instructions:



ubuntu-devel mailing list
ubuntu-devel at lists.ubuntu.com
Modify settings or unsubscribe at:

Life, Liberty, and the pursuit of Open Standards!

More information about the Ubuntu-us-fl mailing list