Difference between revisions of "Ubuntu 22.04 Specific folder Encryption"

Home > Ubuntu > Ubuntu 22.04 > Ubuntu 22.04 Specific folder Encryption

We can encrypt a particular folder (not the entire drive) on Ubuntu 22.04 using eCryptfs. This method allows you to mount a directory as an encrypted filesystem, so only users with the correct passphrase can access the data. Here's a step-by-step guide:

Install eCryptfs Utilities

apt install ecryptfs-utils

Prepare the Directory

Create a new, empty directory that you want to encrypt. Do not encrypt a directory that already contains data, as existing data will not be encrypted or may become inaccessible. Move any existing data out first.

mkdir ~/myencryptedfolder

Mount the Directory as Encrypted

Mount the directory to itself with eCryptfs:

sudo mount -t ecryptfs ~/myencryptedfolder ~/myencryptedfolder

You will be prompted for:

Select passphrase:

Select key type to use for newly created files: 
 1) passphrase
 2) tspi
Selection: 1

Give the passphrase:

Passphrase: <passphrase>

Select the default options:

Select cipher: 
 1) aes: blocksize = 16; min keysize = 16; max keysize = 32
 2) blowfish: blocksize = 8; min keysize = 16; max keysize = 56
 3) des3_ede: blocksize = 8; min keysize = 24; max keysize = 24
 4) twofish: blocksize = 16; min keysize = 16; max keysize = 32
 5) cast6: blocksize = 16; min keysize = 16; max keysize = 32
 6) cast5: blocksize = 8; min keysize = 5; max keysize = 16
Selection [aes]: 

Select key bytes: 
 1) 16
 2) 32
 3) 24
Selection [16]: 
Enable plaintext passthrough (y/n) [n]: 
Enable filename encryption (y/n) [n]: 

Capture the ecryptfs_sig value in the below output:

Attempting to mount with the following options:
  ecryptfs_unlink_sigs
  ecryptfs_key_bytes=16
  ecryptfs_cipher=aes
  ecryptfs_sig=39768badc8a99c6e
Mounted eCryptfs