3

I had my home folder encrypted during installation by checking "Encrypt my home folder".

Now, I'd like to reinstall the system, but reuse this home folder.
(I have 2 separate partitions for / and /home. The former is formatted during the reinstall, the later - unformatted and reused. Been using this method without encryption for years - no issues.)

It seems that Ubuntu does not take care of it automatically.

Removing encryption and encrypting everything once more sounds incredibly workaroundish. Depending on how you perform it, it could also leave out temporary unencrypted data ready to be recovered with recovery tools. Even when discarded after the migration process.

[Meta] Possible duplicate:

To all of folks that suggest that this is a duplicate of Why can I not deselect "encrypt my home folder"?:
Well, yes. That thread resolved my problem.
However, I did some research prior to posting this (which I always do) and the answer was nowhere to be found.
That's because I never saw the bloody form with encryption options disabled.
That's because I did some thinking on 'How will I migrate my encrypted $HOME?' before I actually got down to reinstalling and potentially carelessly loosing my data. 1
I sincerely hope there's more like-minded, precautious folk out there (if not, humanity is doomed).

IMO they will find this doubt reworded as "Reusing encrypted home …" helpful.
That's my opinion, however, it's up to you what you do with this thread.
After all, the reputation score is the ultimate measure of one's right.
Isn't it?

1: Yes, I do have a backup. Still, why resorting to backup when you can easily preserve your original data?

vucalur
  • 266

2 Answers2

0

IMHO if your data is important enough to encrypt it is important enough to backup and you need a backup strategy for encrypted data.

You can start with this (run from home directory):

tar -cvpzf backup.tar.gz \
 /home/.ecryptfs/*/.ecryptfs \
--exclude=./backup.tar.gz \
--exclude=./.gvfs \
--exclude=./.cache \ 
--exclude=./.local/share/Trash ./

You may be able to exclude additional items in $HOME, up to you. Canidates for exclusion might include .thumbs and .themes and .icons. Alternately you can only include the data you want 

cd ~
-cvpzf backup.tar.gz Documents Other_directory 1 Other_directory 2 ./

Note: /home/.ecryptfs/*/.ecryptfs is your configuration , take care when restoring the archive, you may wish to skip that file or back it up separate.

Then encrypt

gpg -c backup.tar.gz

To decrypt 

gpg -d backup.tar.gz.gpg

Check the backup works, then, rm backup.tar.gz

Better you can script the whole process ;)

With a working backup you can try upgrading or installing preserving $HOME and if it fails for any reason, fresh install and restore from backup.

How to reinstall ubuntu and preserve home directory

When you reinstall, use the same UID and password as with your current install.

You should see a dialog as you install . Notice how the installer is recognizing your previously encypted home and the dialog to select encrypt home and automatic log in are greyed out:

enter image description here

IMHO the biggest "problem" with encryption is people forget they need an encrypted backup in the event of failure, it is not if you will have a system failure, but when it happens, are you prepared with a working backup.

Panther
  • 104,528
-1

Short:

The suggestion was wrong.
Ubuntu DOES take care of that automatically.

Long:

I mistakenly assumed that the problems described under the first link were happening despite using the same username and password combination.

It seems that some other combination was used, and a fresh install reuses encrypted $HOME quite seamlessly.

Encryption options will be disabled during the reinstall process:

enter image description here Kudos to @Panther for showing me the thread about disabled encryption options in a comment below.

vucalur
  • 266