Upgrading Ubuntu with encrypted $HOME

I've heard cases of people who had problems with ecryptfs-encrypted $HOME when upgrading their Ubuntu versions. Is there any truth in that, and if yes how to upgrade without problems?


Solution 1:

I have an encrypted HOME, and I have upgraded through to Oneiric without much trouble related to that. ecryptfs does have bugs like everything else, and they can be a bit alarming, but there's nothing special about upgrading. Upgrade away.

The main thing is that you should make at least one reliable backup of the unencrypted contents of your home directory. You can encrypt the backup, for example by using Deja Dup, but that's separate and ought to be OK even if ecryptfs is broken.

Solution 2:

The known upgrade issues with Encrypted Home were fixed by the 10.04 LTS release several years ago.

Ubuntu 9.04 and 8.10 put the encrypted data in /var/lib/.ecryptfs, which was, perhaps, an acceptable place to put this data, per the FHS. However, there were a few users who took care to partition their hard drive with /home on a partition of its own, and then chose to encrypt their home directory. Some of these users proceeded to reinstall (rather than upgrade), and expected their /home partition to persist their encrypted data. Sadly, that data was actually located in /var/lib, and it got wiped.

I published a migration rune here.