Attention Encrypted Home Users...
kirkland at ubuntu.com
Fri Feb 26 23:07:33 UTC 2010
We're rapidly pushing toward an excellent Ubuntu 10.04 LTS release,
and we have made a few improvements in the way your Encrypted Home's
metadata is stored.
If you configured your Encrypted Home with Ubuntu 9.10 (Karmic) or
Ubuntu 10.04 (Lucid), then no action is required, -- you may stop
If you're not sure, and you want to check if you need to read this
email, take a look at your /var/lib/ecryptfs directory. If that
directory is empty, or it does not exist, you may stop reading here.
If that directory has contents, then you may want to continue
Ubuntu 9.04 (Jaunty) Encrypted Home installations stored eCryptfs
metadata in /var/lib/ecryptfs/$USER. This information is absolutely
required to mount your Encrypted Home Directory. Actually, everything
in here can be re-created if you wrote down your randomly generated
mount passphrase! Please be absolutely certain that you have recorded
your mount passphrase, on a piece of paper, stored somewhere safely,
separate from your computer! You can retrieve your randomly generated
passphrase by running the ecryptfs-unwrap-passphrase utility. Oh, and
don't just copy wrapped-passphrase to your $HOME directory and expect
that to be sufficient. This is effectively locking your keys in your
car (and your car is an armored vehicle).
For Ubuntu 9.10 (Karmic), new installs actually put this metadata in
/home/.ecryptfs/$USER. This is far more convenient for users who put
all of /home on its own partition, or for users who just simply backup
all of /home.
I've previously written about how to move your metadata out of
/var/lib/ecryptfs. Particularly if you're planning a Lucid upgrade of
a system that was originally installed with Jaunty's Encrypted Home
Directory, I strongly recommend that you follow these instructions:
More information about the ubuntu-users