As an ongoing effort for work, IT has deemed it necessary to encrypt our laptops. No problem I say, but one issue: the encryption software they chose only works on Windows 2000/XP and certainly not on OSX or Linux. My chosen platform for work is Ubuntu 8.04 with the bling of compiz to show it off 😉 In order to comply, I did a little googling and ran across an excellent article by Lars Strand on how to encrypt your /home directory and swap space on Ubuntu 8.04 (should work with 6.04 and higher).
Sunday, 04 May 2008 @ 22:32 CEST
Contributed by: lars
I really would like to have an encrypted swap and home partition on my laptop. In case it gets stolen or if I should forget it somewhere, I can be sure that no-one would be able to read my private files. In this mini-howto I set my home partition using LVM, but using a regular partition should work just fine. This howto should also work, with minor modification, if you use a distribution other than Ubuntu.
By using Linux Unified Key Setup (LUKS), setting up an encrypted partition in Linux is done in no time.
I’m totally impressed by the article – the instructions are step by step and are easy to follow. I’d create a new user belonging to the admin group with its home directory outside of ‘/home’ and use that user to perform the steps.
Initially I attempted to use a USB thumb drive to hold a key file, but it proved unreliable because it wasn’t being mounted consistently before /etc/init.d/cryptdisks & /etc/init.d/cryptdisks.early were executed on boot up. This issue would cause the key file to be unavailable and therefore prevent the encrypted home from being attached (/etc/crypttab). However, if I inserted the thumb drive after the system booted, the USB thumb drive would be auto-mounted and performing ‘mount /home’ would mount the encrypted home directory.
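
A check for the boot-ordering problem described above, as an added example that is not part of the original post or of Lars Strand's article: it reads a crypttab and an fstab and lists the entries whose key file lives on a filesystem that is mounted separately from the root filesystem, and so may be missing when cryptdisks runs. The function name `crypttab_late_keys` is hypothetical, and treating `/media` and `/mnt` as removable-media locations is an assumption.

```sh
#!/bin/sh
# Added example: flag crypttab entries whose key file sits on a filesystem
# that is not the root filesystem (for example a USB stick), because that
# filesystem may not be mounted yet when cryptdisks runs at boot.

# Usage: crypttab_late_keys CRYPTTAB FSTAB
# Prints "<name> <keyfile> <mountpoint>" for each risky entry.
crypttab_late_keys() {
    awk '
        BEGIN {
            # Assumption: removable media is auto-mounted below these paths.
            mounts["/media"] = 1
            mounts["/mnt"] = 1
        }
        # First file (fstab): collect every mount point except "/".
        FILENAME == ARGV[1] {
            if ($0 ~ /^[ \t]*(#|$)/) next
            if ($2 != "/" && $2 ~ /^\//) mounts[$2] = 1
            next
        }
        # Second file (crypttab): fields are name, device, keyfile, options.
        $0 ~ /^[ \t]*(#|$)/ { next }
        {
            key = $3
            # "none" prompts for a passphrase; /dev/... is a device key
            # such as /dev/urandom for swap. Neither depends on a mount.
            if (key == "" || key == "none" || key ~ /^\/dev\//) next
            best = ""
            # Pick the longest mount point that is a prefix of the key path.
            for (m in mounts)
                if (index(key, m "/") == 1 && length(m) > length(best))
                    best = m
            if (best != "") print $1, key, best
        }
    ' "$2" "$1"
}

# Run against the live files when called with the argument "check".
if [ "${1:-}" = "check" ]; then
    crypttab_late_keys /etc/crypttab /etc/fstab
fi
```

Any entry it prints depends on a mount that has to exist before the encrypted volume can be attached; entries that use `none` (passphrase prompt) or a key file on the root filesystem are not reported.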