Difference between revisions of "Ubuntu 22.04 Specific folder Encryption"
From Notes_Wiki
| Line 22: | Line 22: | ||
<pre> | <pre> | ||
sudo mount -t ecryptfs ~/myencryptedfolder ~/myencryptedfolder | |||
</pre> | |||
You will be prompted for: | |||
Select passphrase: | |||
<pre> | |||
Select key type to use for newly created files: | |||
1) passphrase | |||
2) tspi | |||
Selection: 1 | |||
</pre> | |||
Give the passphrase: | |||
<pre> | |||
Passphrase: | |||
</pre> | |||
Select the default options: | |||
<pre> | |||
Select cipher: | |||
1) aes: blocksize = 16; min keysize = 16; max keysize = 32 | |||
2) blowfish: blocksize = 8; min keysize = 16; max keysize = 56 | |||
3) des3_ede: blocksize = 8; min keysize = 24; max keysize = 24 | |||
4) twofish: blocksize = 16; min keysize = 16; max keysize = 32 | |||
5) cast6: blocksize = 16; min keysize = 16; max keysize = 32 | |||
6) cast5: blocksize = 8; min keysize = 5; max keysize = 16 | |||
Selection [aes]: | |||
Select key bytes: | |||
1) 16 | |||
2) 32 | |||
3) 24 | |||
Selection [16]: | |||
Enable plaintext passthrough (y/n) [n]: | |||
Enable filename encryption (y/n) [n]: | |||
</pre> | |||
Capture the ecryptfs_sig value in the below output: | |||
<pre> | |||
Attempting to mount with the following options: | |||
ecryptfs_unlink_sigs | |||
ecryptfs_key_bytes=16 | |||
ecryptfs_cipher=aes | |||
ecryptfs_sig=39768badc8a99c6e | |||
Mounted eCryptfs | |||
</pre> | </pre> | ||
Revision as of 09:52, 31 May 2025
Home > Ubuntu > Ubuntu 22.04 > Ubuntu 22.04 Specific folder Encryption
We can encrypt a particular folder (not the entire drive) on Ubuntu 22.04 using eCryptfs. This method allows you to mount a directory as an encrypted filesystem, so only users with the correct passphrase can access the data. Here's a step-by-step guide:
Install eCryptfs Utilities
apt install ecryptfs-utils
Prepare the Directory
Create a new, empty directory that you want to encrypt. Do not encrypt a directory that already contains data, as existing data will not be encrypted or may become inaccessible. Move any existing data out first.
mkdir ~/myencryptedfolder
Mount the Directory as Encrypted
Mount the directory to itself with eCryptfs:
sudo mount -t ecryptfs ~/myencryptedfolder ~/myencryptedfolder
You will be prompted for:
Select passphrase:
Select key type to use for newly created files: 1) passphrase 2) tspi Selection: 1
Give the passphrase:
Passphrase:
Select the default options:
Select cipher: 1) aes: blocksize = 16; min keysize = 16; max keysize = 32 2) blowfish: blocksize = 8; min keysize = 16; max keysize = 56 3) des3_ede: blocksize = 8; min keysize = 24; max keysize = 24 4) twofish: blocksize = 16; min keysize = 16; max keysize = 32 5) cast6: blocksize = 16; min keysize = 16; max keysize = 32 6) cast5: blocksize = 8; min keysize = 5; max keysize = 16 Selection [aes]: Select key bytes: 1) 16 2) 32 3) 24 Selection [16]: Enable plaintext passthrough (y/n) [n]: Enable filename encryption (y/n) [n]:
Capture the ecryptfs_sig value in the below output:
Attempting to mount with the following options: ecryptfs_unlink_sigs ecryptfs_key_bytes=16 ecryptfs_cipher=aes ecryptfs_sig=39768badc8a99c6e Mounted eCryptfs
