How to stop using built-in home directory encryption?

Googling around, I found this post:

Not to bring up an old thread but in case anyone has errors trying to follow these instructions, here is what I did.

  1. Backup the home directory while you are logged in sudo cp -rp /home/user /home/user.backup

    1.1. Check that your home backup has everything!!!

  2. reboot into root via grub
  3. Delete your home directory rm -rf /home/user
  4. Remove the packages apt-get remove ecryptfs-utils libecryptfs0
  5. Restore your home directory mv /home/user.backup /home/user
  6. reboot
  7. Remove any of those .Private .ecryptfs folders rm -rf ~/.Private rm -rf ~/.ecryptfs
  8. Yay!
This worked for me. Home folder file permissions stay intact and does not bugger up Dropbox or git repos. Some reason my fresh install on Ubuntu 9.10 would not do the first command. Just make sure you think the process through when using rm -rf. Just wanted to post this not only for my record, but anyone else who encounters problems.

Some notes

  • reboot into root via grub was a bit unclear to me; I didn't reboot, just switched to using root (another user account with sudo privileges would work equally well).
  • Before removing the packages ecryptfs-utils and libecryptfs0 would work, I needed to remove /home/.ecryptfs/<myusername>. (It complained that ecryptfs-utils was in use.)

Other than that, this worked for me. It's far from simple though, so feel free to post better solutions!


Here you are, hope this helps (see ecryptfs-setup-private(1)):

$ ecryptfs-setup-private --undo

The output claims:

In the event that you want to remove your eCryptfs Private Directory setup, you will need to very carefully perform the following actions manually:

  1. Obtain your Private directory mountpoint

    $ PRIVATE=`cat ~/.ecryptfs/Private.mnt 2>/dev/null || echo $HOME/Private`
    
  2. Ensure that you have moved all relevant data out of your $PRIVATE directory

  3. Unmount your encrypted private directory

    $ ecryptfs-umount-private
    
  4. Make your Private directory writable again

    $ chmod 700 $PRIVATE
    
  5. Remove $PRIVATE, ~/.Private, ~/.ecryptfs

    Note: THIS IS VERY PERMANENT, BE VERY CAREFUL

    $ rm -rf $PRIVATE ~/.Private ~/.ecryptfs
    
  6. Uninstall the utilities (this is specific to your Linux distribution)

    $ sudo apt-get remove ecryptfs-utils libecryptfs0
    

1st thing to do : BACKUP YOUR HOME I can't say it louder... basically undoing encryption is equivalent to resetting (rm -rf) your home, which is in fact hidden by a mount.

2nd step : log out of any desktop manager and go to a virtual console (CTRL-ALT-F1)

Finally : for details :

ecryptfs-setup-private --undo

In the event that you want to remove your eCryptfs Private Directory setup, you will need to very carefully perform the following actions manually:

  1. Obtain your Private directory mountpoint PRIVATE= cat ~/.ecryptfs/Private.mnt 2>/dev/null || echo $HOME/Private

  2. Ensure that you have moved all relevant data out of your $PRIVATE directory

  3. Unmount your encrypted private directory

    ecryptfs-umount-private
    
  4. Make your Private directory writable again

    chmod 700 $PRIVATE
    
  5. Remove $PRIVATE, ~/.Private, ~/.ecryptfs Note: THIS IS VERY PERMANENT, BE VERY CAREFUL

      rm -rf $PRIVATE ~/.Private ~/.ecryptfs
    
  6. Uninstall the utilities

     sudo apt-get remove ecryptfs-utils libecryptfs0
    

I would say step 5 is a bit wrong : there's no need to delete $PRIVATE, which was for me my home....

After .Private and .ecryptfs deletion, just restore your home :]


This steps will work in a server environment

Step 1: Backup your home directory

sudo cp -rp /home/$USER /home/$USER.backup

Step 2: Confirm whether everything is backup

sudo ls -al /home/$USER.backup

Step 3: Umount the home folder, because the encryption program usually mounts it to mount point e.g /home/$USER,also known as $HOME. You can confirm your mount point by running df -h $HOME. You will have to cd /tmp (or some other non-$HOME directory) to be able to unmount $HOME

cd /tmp
sudo umount /home/$USER

Step 4: Delete the old home folder

sudo rm -rf /home/$USER

Step 5: Remove encrytion program file

sudo rm -rf /home/$USER.backup/.ecryptfs

Step 6: Remove encryption utillities from the system

sudo apt-get remove ecryptfs-utils libecryptfs0

Step 7: Restore unencrypted home folder back to it original path

sudo mv /home/$USER.backup /home/$USER

Step 8: Change ownership of the restored folder back to your user

sudo chown -R $(id -u):$(id -g) /home/$USER

Step 9: Logout/Login, to be sure all user stuff gets restarted right (or that errors will occur while you remember what you're done)