Encrypted private directories coming to Ubuntu


Encrypted private directories are the one thing that would get me to upgrade to Ubuntu 8.10 this October. Ubuntu's Dustin Kirkland explains it all:

How does it work?

The underlying technology is a cryptographic virtual filesystem in the Linux kernel called eCryptfs, authored by Michael Halcrow of IBM.

When a user logs into an Ubuntu Intrepid system, their login passphrase is automatically used to decrypt a randomly generated mount passphrase. This mount passphrase will then cryptographically mount ~/.Private onto ~/Private. As long as ~/Private is mounted, the user can read and write sensitive data to files and directories under the virtual filesystem on ~/Private. The actual files stored in the underlying filesystem are encrypted, and located in ~/.Private. The only passphrase required is obtained when logging in (via console, ssh, gdm, etc). And the only files encrypted are those that the user consciously places in ~/Private. The user can then incrementally back up the encrypted ~/.Private directory to off-site storage.
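The passphrase-wrapping step described above, modelled as an added example (not code from this post, from Dustin Kirkland or from eCryptfs): a random mount passphrase is stored only in a form the login passphrase can unlock, so changing the login passphrase means re-wrapping one small secret rather than re-encrypting any files. The PBKDF2/HMAC construction, the function names and the blob layout are assumptions chosen so the sketch runs on the Python standard library; they are not eCryptfs's actual format.

```python
import hashlib
import hmac
import secrets

ITERATIONS = 100_000  # assumed work factor for this sketch

def _keys(login_passphrase: str, salt: bytes):
    # Stretch the login passphrase into an encryption key and a MAC key.
    k = hashlib.pbkdf2_hmac("sha256", login_passphrase.encode(), salt,
                            ITERATIONS, dklen=64)
    return k[:32], k[32:]

def _keystream(key: bytes, n: int) -> bytes:
    # HMAC in counter mode; each wrap uses a fresh salt, so keys never repeat.
    out, counter = b"", 0
    while len(out) < n:
        out += hmac.new(key, counter.to_bytes(4, "big"), hashlib.sha256).digest()
        counter += 1
    return out[:n]

def new_mount_passphrase() -> str:
    # Randomly generated once; this is what actually protects the files.
    return secrets.token_hex(16)

def wrap(mount_passphrase: str, login_passphrase: str) -> bytes:
    salt = secrets.token_bytes(16)
    enc_key, mac_key = _keys(login_passphrase, salt)
    pt = mount_passphrase.encode()
    ct = bytes(a ^ b for a, b in zip(pt, _keystream(enc_key, len(pt))))
    tag = hmac.new(mac_key, salt + ct, hashlib.sha256).digest()
    return salt + ct + tag  # hypothetical layout: salt | ciphertext | tag

def unwrap(blob: bytes, login_passphrase: str) -> str:
    salt, ct, tag = blob[:16], blob[16:-32], blob[-32:]
    enc_key, mac_key = _keys(login_passphrase, salt)
    expected = hmac.new(mac_key, salt + ct, hashlib.sha256).digest()
    if not hmac.compare_digest(tag, expected):
        # Fail closed: a wrong passphrase must never yield a garbage key.
        raise ValueError("wrong login passphrase or corrupted blob")
    return bytes(a ^ b for a, b in zip(ct, _keystream(enc_key, len(ct)))).decode()

def rewrap(blob: bytes, old_login: str, new_login: str) -> bytes:
    # Login passphrase change: the mount passphrase itself stays the same.
    return wrap(unwrap(blob, old_login), new_login)

if __name__ == "__main__":
    mount = new_mount_passphrase()
    blob = wrap(mount, "constructed-login-passphrase")
    print(unwrap(blob, "constructed-login-passphrase") == mount)
```

The same model shows why an off-site copy of the encrypted directory is only restorable if the mount passphrase, wrapped or recorded separately, survives along with it.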

I'd really, really, really like to see a backport of this to Ubuntu 8.04 LTS so I can keep the current version of the distro if I so choose.

I'll be looking at Ubuntu Backports and GetDeb to see if installing it in Hardy is possible. ... or I may just upgrade to Intrepid.

More information:

  • The Ubuntu Wiki on encrypted private directories
    This page contains a single entry by Steven Rosenberg published on August 7, 2008 9:00 AM.
