Encrypted home partition accessible by administrator

Colin Law clanlaw at gmail.com
Wed Apr 24 16:15:01 UTC 2019

On Wed, 24 Apr 2019 at 16:53, Liam Proven <lproven at gmail.com> wrote:
> On Wed, 24 Apr 2019 at 15:21, Colin Law <clanlaw at gmail.com> wrote:
> >
> > Thanks Liam.
> > An admin would not be able to decrypt if the users password or another
> > passphrase was required to decrypt it, but it appears that is not how
> > it works.  Looking at suggestions from earlier in the thread gocryptfs
> > looks as if it might do what I want. I am just off to try it out.
> Good luck with it -- it sounds a bit scary to me -- and do let us know
> how you get on.

Well initial impression of gocryptfs is good.  Basically the files all
reside in an encrypted folder, with a parallel virtual file system
where the decrypted files can be written/read once the virtual file
system is mounted, which requires the encryption password.
It appears that an admin cannot access the decrypted files even when
the file system is mounted, at least I haven't managed to do so.
gocryptfs is in the Ubuntu repositories and only takes a couple of
minutes to setup.  So far it does everything I want.


More information about the ubuntu-users mailing list