Word to the wise re: encrypted home directory in Linux Mint

system · February 13, 2016, 10:15pm

htuckjr wrote on Saturday, February 13, 2016:

I know several people in this forum prefer Linux Mint over Ubuntu, and I’m one of them. However, I recently ran into something about Mint that is less than admirable.

My (Mint) work computer has an encrypted home directory for HIPAA purposes. I hosed it recently and tried to recover the encrypted home dir. LOOOONG gruesome story short: to do that I needed a mount passphrase, about which all the Ubuntu gurus in their fora said, “when it tells you your mount passphrase after installation, write it down and keep it safe.” Well… Mint never told me a mount passphrase.

http://forums.linuxmint.com/viewtopic.php?f=90&t=129265

And come to find out, it’s not just me: unlike Ubuntu, Mint does NOT automatically tell you the only tool that will let you recover your encrypted home directory. From that link:

"After logging in as the user with the encrypted home folder, open a terminal and run the following command (do not add sudo!!!):

Code: Select all
ecryptfs-unwrap-passphrase

Provide your password as asked and you will get your mount passphrase.

Linux Mint ≠ Ubuntu "

Forewarned etc etc.

Harley Tuck
(mi-squared)

system · February 14, 2016, 2:25pm

fsgl wrote on Sunday, February 14, 2016:

Thank you, Harley, for the forearming.

The developers, rather the users, should pull up the drawbridge over the moat.

LM Team.

Clem Lefebvre seems like an affable man from his posts elsewhere. French expatriate, well assimilated in Ireland, married a local girl & sired children.

The Dutch xenopeek provided the command.

Perhaps you may consider asking Clem (or others at LM) to change the code. On the surface, it does not seem like a huge endeavor.

There may be a way to get Clem’s email address from the Bug Squad link, clicking under Owner & login. Or here.

system · February 14, 2016, 8:23pm

sunsetsystems wrote on Sunday, February 14, 2016:

What I do is make a large partition for most of the drive space and encrypt it using cryptsetup. This is partly because things I want encrypted are not necessarily all in my home directory. Then I’ll make symbolic links as needed into that filesystem. Backup drives are encrypted in the same way, with a logical rather than physical backup process.

Yes you’ll certainly want to remember or record your passphrase. With my approach I choose my own.

Rod
http://www.sunsetsystems.com/

system · February 14, 2016, 10:53pm

htuckjr wrote on Sunday, February 14, 2016:

On my work computer it’s all got to be HIPAA so I just do the easy thing and click ‘encrypt home directory’ when I’m installing. I’ve always assumed that Mint has been designed so that a little research would let me do anything I needed… but not in this case!

I agree that adding a simple but prominent display of the passphrase seems to be trivial. Maybe it seems so obvious that everybody assumes somebody else surely must have told ‘somebody’ about it!
-Harley
mi-squared

system · February 15, 2016, 2:57pm

aethelwulffe wrote on Monday, February 15, 2016:

Hmmm. Thought Mint WAS Ubuntu now.
It seems like every distro has a “gotcha” somewhere in the works. Many geek-folk choose one over the other due to rolling kernel patching/GUI, lack of the same, or a million other factors. Ultimately, you smack up against something you feel like you can’t live with…which is why we have so many distros and why we all change so frequently.
My little machine has Ubuntu and Slackware right now…