Ubuntu’s Encrypted Home Directory: A Canonical Approach to Data Privacy

How can users protect themselves from the loss of important data when a computer goes missing? Well, the latest release of Ubuntu makes this not only possible, but frighteningly easy!

Recovery of an Encrypted Home Directory is possible from an Ubuntu 9.10 LiveCD.

Mount the disk partition containing the Encrypted Home Directory:

ubuntu@ubuntu$ sudo mount /dev/sda1 /mnt

Establish a proper chroot environment:

ubuntu@ubuntu$ sudo mount -o bind /dev /mnt/dev
ubuntu@ubuntu$ sudo mount -o bind /dev/shm /mnt/dev/shm
ubuntu@ubuntu$ sudo mount -o bind /proc /mnt/proc
ubuntu@ubuntu$ sudo mount -o bind /sys /mnt/sys
ubuntu@ubuntu$ sudo chroot /mnt

Become the user whose data needs recovery (e.g. “foo”) and manually add the mount passphrase to the kernel session keyring (the --fnek option inserts both the file-content key and the filename-encryption key):

root@ubuntu$ su - foo
foo@ubuntu$ ecryptfs-add-passphrase --fnek
Passphrase:
<Enter the recorded passphrase>

Mount the encrypted directory and then access the data:

foo@ubuntu$ ecryptfs-mount-private
foo@ubuntu$ cd $HOME
foo@ubuntu$ ls -alF
...

Anatomy of an Ubuntu Encrypted Home Directory

When a user is logged in and the Encrypted Home Directory is mounted, something like the following is in the kernel’s mount table:

/home/foo/.Private on /home/foo type ecryptfs
(ecryptfs_sig=009d8073058734f2, ecryptfs_fnek_sig=d27234f4a296af68, ecryptfs_cipher=aes, ecryptfs_key_bytes=16)

Listing the home directory and accessing files, the data appears in plain text:

foo@x200:~$ ls -alF $HOME
drwxr-xr-x 6 foo foo 4096 2009-06-06 16:19 ./
drwxr-xr-x 6 root root 4096 2009-06-06 13:21 ../
-rw------- 1 foo foo     5 2009-06-06 16:19 .bash_history
-rw-r--r-- 1 foo foo   220 2009-06-06 13:21 .bash_logout
-rw-r--r-- 1 foo foo 3115 2009-06-06 13:21 .bashrc
drwxr-xr-x 2 foo foo 4096 2009-06-06 16:19 .byobu/
drwx------ 2 foo foo 4096 2009-06-06 13:22 .ecryptfs/
-rw-r--r-- 1 foo foo   357 2009-06-06 13:21 examples.desktop
drwxr-xr-x 3 foo foo 4096 2009-06-06 16:19 Private/
drwxr-xr-x 3 foo foo 4096 2009-06-06 16:19 .Private/
-rw-r--r-- 1 foo foo   675 2009-06-06 13:21 .profile
-rw-r--r-- 1 foo foo     0 2009-06-06 16:19 .screenrc

However, when examining the underlying encrypted directory one can see that both the file names and contents are encrypted. Without access to the keys, this information should be inaccessible to an attacker:

foo@x200:~$ ls -alF /home/foo/.Private/
drwxr-xr-x 3 foo foo 4096 2009-06-06 16:19 ./
drwxr-xr-x 6 foo foo 4096 2009-06-06 16:19 ../
-rw------- 1 foo foo 12288 2009-06-06 16:19 ECRYPTFS_FNEK_ENCRYPTED.FWbGQXHocdOjO-S70saK-StBFDWyUvngUSX8\
0H9QfTTjNR-i4Dzfxeu20---
-rw-r--r-- 1 foo foo 12288 2009-06-06 16:19 ECRYPTFS_FNEK_ENCRYPTED.FWbGQXHocdOjO-S70saK-StBFDWyUvngUSX8\
-BZAi9gS3OOrhtsz4qdZwk--
-rw-r--r-- 1 foo foo 12288 2009-06-06 13:21 ECRYPTFS_FNEK_ENCRYPTED.FWbGQXHocdOjO-S70saK-StBFDWyUvngUSX8\
hojMJwfB7cxsUzym9ZXhK---
-rw-r--r-- 1 foo foo 12288 2009-06-06 13:21 ECRYPTFS_FNEK_ENCRYPTED.FWbGQXHocdOjO-S70saK-StBFDWyUvngUSX8\
lpAWuKSN-nfaJwnzwyGF4k--
drwxr-xr-x 2 foo foo 4096 2009-06-06 16:19 ECRYPTFS_FNEK_ENCRYPTED.FWbGQXHocdOjO-S70saK-StBFDWyUvngUSX8\
pDTNHxMN.eXLZF-7IO4mlU--
-rw-r--r-- 1 foo foo 12288 2009-06-06 13:21 ECRYPTFS_FNEK_ENCRYPTED.FWbGQXHocdOjO-S70saK-StBFDWyUvngUSX8\
sKm2CEPzbjUsOt9HE3ynTU--
-rw-r--r-- 1 foo foo 12288 2009-06-06 13:21 ECRYPTFS_FNEK_ENCRYPTED.FXbGQXHocdOjO-S70saK-StBFDWyUvngUSX8\
iiKk.q2g7bFIs2MaUaA8-LnJv7aptfhqA-ldgV9yHVI-

Both the mounted and unmounted home directory must contain a symbolic link to a non-encrypted eCryptfs configuration directory. The contents of this configuration directory usually look like this:

foo@x200:~$ ls -alF .ecryptfs/
drwx------ 2 foo foo 4096 2009-06-06 13:22 ./
drwxr-xr-x 6 foo foo 4096 2009-06-06 16:19 ../
-rw-r--r-- 1 foo foo    0 2009-06-06 13:22 auto-mount
-rw-r--r-- 1 foo foo    0 2009-06-06 13:22 auto-umount
-rw------- 1 foo foo   18 2009-06-06 13:22 Private.mnt
-rw------- 1 foo foo   34 2009-06-06 13:22 Private.sig
-r-------- 1 foo foo   48 2009-06-06 13:22 wrapped-passphrase

The existence of the auto-mount and auto-umount flags informs PAM to automatically mount and unmount the eCryptfs directory. Private.mnt contains a path owned by the user where the eCryptfs directory is to be mounted, e.g. $HOME, $HOME/Private, or elsewhere. Private.sig contains signatures identifying the FEKEK (file encryption key encryption key) and the FNEK (filename encryption key), without revealing the keys themselves. Finally, wrapped-passphrase contains the actual mount passphrase, symmetrically encrypted with a key derived from the user’s system login passphrase.

Advanced Encrypted Home Directory Security

Some Ubuntu Encrypted Home Directory users choose to extend their security beyond the stock setup.

In the default Ubuntu Encrypted Home Directory model, the weakest link in the chain of required keys is usually the user’s system login password. While it is critically important to choose a strong system password, the risk can be mitigated by two-factor authentication.

Two-factor authentication is a system where two separate pieces of information are required to establish a user’s identity. It is trivial to simulate two-factor authentication with Ubuntu Encrypted Home Directories. Simply move $HOME/.ecryptfs/wrapped-passphrase to removable media (such as a USB key or flash disk) and establish a symbolic link from $HOME/.ecryptfs/wrapped-passphrase to the removable location. You can even obfuscate the name of the file on the removable media by calling it something other than “wrapped-passphrase”:

foo@x200:~$ ls -alF .ecryptfs/wrapped-passphrase
lrwxrwxrwx 1 foo foo 18 2009-06-06 16:41 .ecryptfs/wrapped-passphrase -> /media/disk/.garbage

By using this method, should an attacker manage to crack the login password, they will not have access to the wrapped-passphrase, and therefore cannot decrypt the data. In order to gain access, they must brute-force a long, randomly generated passphrase before accessing the encrypted data.
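The configuration directory described above and the two-factor symlink variant can be audited from a script. The following is an added example, not code from the article or from ecryptfs-utils: it reads the flag files, Private.mnt and Private.sig, checks the key signatures against a mount-table line like the one quoted earlier, and reports whether wrapped-passphrase has been moved onto removable media. It assumes Private.sig holds the FEKEK signature on its first line and the FNEK signature on its second, and treats any symlink target under /media/ as removable; the sample directory it builds is constructed in a temporary location.

```python
import os
import re
import tempfile
# Mount-table line quoted in the article; the key signatures below come from it.
SAMPLE_MOUNT_LINE = ("/home/foo/.Private on /home/foo type ecryptfs "
                     "(ecryptfs_sig=009d8073058734f2, ecryptfs_fnek_sig=d27234f4a296af68, "
                     "ecryptfs_cipher=aes, ecryptfs_key_bytes=16)")
MOUNT_OPT = re.compile(r"ecryptfs_(fnek_sig|sig)=([0-9a-f]{16})")

def audit_ecryptfs_dir(cfg, mount_line=None):
    """Summarise a ~/.ecryptfs directory and flag inconsistencies (returns a dict)."""
    p = lambda name: os.path.join(cfg, name)
    sigs = open(p("Private.sig")).read().split()   # assumed: line 1 FEKEK sig, line 2 FNEK sig
    r = {"auto_mount": os.path.exists(p("auto-mount")),
         "auto_umount": os.path.exists(p("auto-umount")),
         "mount_point": open(p("Private.mnt")).read().strip(),
         "fekek_sig": sigs[0], "fnek_sig": sigs[1] if len(sigs) > 1 else None,
         "warnings": []}
    wp = p("wrapped-passphrase")
    r["wrapped_on_removable"] = os.path.islink(wp) and os.readlink(wp).startswith("/media/")  # two-factor setup
    if not os.path.islink(wp):
        mode = os.stat(wp).st_mode & 0o777
        if mode & 0o077:                              # the stock file is mode 0400
            r["warnings"].append("wrapped-passphrase readable by group/other (mode %o)" % mode)
    if not r["auto_umount"]:
        r["warnings"].append("auto-umount absent: $HOME stays mounted until shutdown")
    if mount_line:                                    # cross-check against the live mount
        live = dict(MOUNT_OPT.findall(mount_line))
        if (live.get("sig"), live.get("fnek_sig")) != (r["fekek_sig"], r["fnek_sig"]):
            r["warnings"].append("mount-table key signatures differ from Private.sig")
    return r

def run_sample(two_factor=False, mount_line=SAMPLE_MOUNT_LINE):
    """Build a constructed .ecryptfs dir mirroring the article's listing, then audit it."""
    cfg = os.path.join(tempfile.mkdtemp(), ".ecryptfs")
    os.mkdir(cfg, 0o700)
    for flag in ("auto-mount", "auto-umount"):
        open(os.path.join(cfg, flag), "w").close()
    with open(os.path.join(cfg, "Private.mnt"), "w") as f:
        f.write("/home/foo/Private\n")                # 18 bytes, as in the listing
    with open(os.path.join(cfg, "Private.sig"), "w") as f:
        f.write("009d8073058734f2\nd27234f4a296af68\n")  # 34 bytes, as in the listing
    wp = os.path.join(cfg, "wrapped-passphrase")
    if two_factor:
        os.symlink("/media/disk/.garbage", wp)        # the article's symlink target
    else:
        open(wp, "wb").write(b"\0" * 48)              # placeholder bytes, not a real wrapped key
        os.chmod(wp, 0o400)
    return audit_ecryptfs_dir(cfg, mount_line)
```

Point audit_ecryptfs_dir at a real $HOME/.ecryptfs together with the matching line from /proc/mounts to check a live system.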

Use of swap space and hibernation-to-disk present particularly difficult problems for encryption systems. Decrypted file contents exist exclusively as data structures in running memory. However, if memory gets swapped to disk and the swap space is not encrypted, some of the private data may be written in clear text. Indeed, if a system is hibernated, the complete contents of memory are dumped to disk, potentially circumventing the entire encryption scheme.

For these reasons, it is highly recommended that swap space is also encrypted when using Ubuntu Encrypted Home or Private Directories. The ecryptfs-setup-swap script should accomplish this nicely; however, you will not be able to resume from hibernation (suspend/resume is unaffected). Thankfully, the Ubuntu 9.10 installer has already thought of this and will automatically encrypt swap space when enabling an Encrypted Home Directory.
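A quick way to verify the swap caveat on a running system is to compare the active swap devices with the dm-crypt mappings declared in /etc/crypttab. This is an added example, not part of the article or of ecryptfs-setup-swap: the /proc/swaps and crypttab contents are constructed samples, and the check assumes an encrypted swap shows up as /dev/mapper/<name> with <name> declared in crypttab (an LVM volume under /dev/mapper with no crypttab entry is therefore, correctly, reported as unencrypted).

```python
import re

# Constructed sample inputs (not captured from a real system): one plain swap partition
# and one dm-crypt swap of the kind ecryptfs-setup-swap creates.  The /dev/urandom key
# with the "swap" option is what makes the swap unreadable after a hibernate/resume.
PROC_SWAPS = """\
Filename\t\t\t\tType\t\tSize\tUsed\tPriority
/dev/sda5                               partition\t2097148\t0\t-1
/dev/mapper/cryptswap1                  partition\t2097148\t0\t-2
"""
CRYPTTAB = """\
# <target name> <source device> <key file> <options>
cryptswap1 /dev/sda6 /dev/urandom swap,cipher=aes-cbc-essiv:sha256
"""

def crypttab_targets(text):
    """Return {target_name: options_string} for the non-comment lines of a crypttab."""
    targets = {}
    for line in text.splitlines():
        fields = line.split()
        if len(fields) >= 2 and not fields[0].startswith("#"):
            targets[fields[0]] = fields[3] if len(fields) > 3 else ""
    return targets

def unencrypted_swap(proc_swaps, crypttab):
    """List active swap devices that are not dm-crypt mappings declared in crypttab."""
    targets = crypttab_targets(crypttab)
    exposed = []
    for line in proc_swaps.splitlines()[1:]:          # first line is the column header
        fields = line.split()
        if not fields:
            continue
        dev = fields[0]
        m = re.match(r"/dev/mapper/(.+)$", dev)
        if not (m and m.group(1) in targets):         # plain partition, or mapper name not in crypttab
            exposed.append(dev)
    return exposed
```

On a live system feed it open("/proc/swaps").read() and open("/etc/crypttab").read(); a non-empty result means memory can still reach disk in clear text.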

Caveats

There are a few subtle changes to otherwise normal system operation with an Encrypted Home Directory.

If the home directory is not already mounted, then automatic desktop logins, SSH public key authentication and cron jobs that require access to data in $HOME are not possible. This issue can be worked around by disabling automatic unmount (remove $HOME/.ecryptfs/auto-umount), logging in, and establishing the mount at some point prior to public key authentication or cron job execution. However, the home directory will then only be unmounted at shutdown, or when ecryptfs-umount-private is invoked directly.

eCryptfs does not yet work properly on top of remote, network file systems such as NFS, Samba, or SSHFS. This is a known bug and is actively being addressed.

Encrypted file contents are padded, requiring additional storage on disk. While this has little effect on large files, encrypted sparse files appear much bigger.

File and directory names are also padded. Linux has a 256-character file name limit, and a 4096-character maximum path limit. The padding from eCryptfs means that file names and paths which are already near the limit might hit the limit sooner than expected.

In Conclusion

Ubuntu has once again taken a complex, highly customizable free software system and made it seamlessly accessible to the wider population. By adding a suite of user space utilities, support in the Ubuntu installer and integration with system authentication, eCryptfs provides an elegant home directory encryption scheme while continuing to deliver an outstanding user experience.

Encrypted Home Directories proudly demonstrate Ubuntu’s leadership in developing a secure Linux desktop without sacrificing usability.
