Transparent Encryption of the Home Partition

Registered by AndrĂ© RĂ¼diger

Many users are running their favoutite distro on a laptop where the chance for the machine to get lost or stolen is higher than with a normal desktop PC. So when an unauthorized person gets in the posession of the machine it is very easy to access private data on the laptop's harddrive (e.g. with a live CD or by uninstalling the harddrive). The goal of this spec is to integrate a transparent encryption layer for sensitive data.

Blueprint information

Status:
Not started
Approver:
None
Priority:
Undefined
Drafter:
None
Direction:
Needs approval
Assignee:
None
Definition:
New
Series goal:
None
Implementation:
Unknown
Milestone target:
None

Related branches

Sprints

Whiteboard

Not only /home should be encrypted. swap, /var, /srv, /usr/local and possibly /opt should also be encrypted. There should be an option to encrypt everything except /boot while installing.

Note: This spec is partially implemented allready. It is just very hard to do: https://help.ubuntu.com/community/EncryptedFilesystemHowto

Just my 2 cent: Encryption is an important feature. Other distros work on its easy setup allready. Debian offers it during installation as an option, easy to setup. People want it, companies and governments need it. Windows has it for a long time now.

(?)

Work Items

This blueprint contains Public information 
Everyone can see this information.