[Bug 1842417] [NEW] Consider reintroducing home encryption using fscrypt

[Redsandro]

Public bug reported:

Home encryption using ecryptfs was removed in Ubuntu 18.04 for reasons.
Full disk encryption was recommended as an alternative.

Not everyone agrees that encrypting the entire disk is the best
alternative. Some prefer a more lightweight solution. Others have
families and like to share a laptop, perhaps even with an unprivileged
guest account, and family members want to encrypt their home with a
personal password.

For some, full disk encryption is unwanted because of reasons. Linux
Mint 19, based on Ubuntu 18.04, re-introduced home encryption using
ecryptfs because users wanted it.

Can we re-introduce home encryption, this time using fscrypt? Not only
was this suggested (way prematurely) by the Ubuntu 18.04 release notes,
it's also nearing completion with final patches scheduled for Kernel
5.4. It would be beneficial if we could get this as an option for Ubuntu
20.04 LTS.

Resources:

Encrypted home with fscrypt
https://askubuntu.com/a/1031509/40475

Kernel patches for fs keyring
https://git.kernel.org/pub/scm/fs/fscrypt/fscrypt.git/log/

Key managemekt fixes in fscrypt tools
https://github.com/ebiggers/fscrypt/commits/fscrypt-key-mgmt-improvements

** Affects: ubiquity (Ubuntu)
     Importance: Undecided
         Status: New

-- 
You received this bug notification because you are a member of Ubuntu
Foundations Bugs, which is subscribed to ubiquity in Ubuntu.
https://bugs.launchpad.net/bugs/1842417

Title:
  Consider reintroducing home encryption using fscrypt

Status in ubiquity package in Ubuntu:
  New

Bug description:
  Home encryption using ecryptfs was removed in Ubuntu 18.04 for
  reasons. Full disk encryption was recommended as an alternative.

  Not everyone agrees that encrypting the entire disk is the best
  alternative. Some prefer a more lightweight solution. Others have
  families and like to share a laptop, perhaps even with an unprivileged
  guest account, and family members want to encrypt their home with a
  personal password.

  For some, full disk encryption is unwanted because of reasons. Linux
  Mint 19, based on Ubuntu 18.04, re-introduced home encryption using
  ecryptfs because users wanted it.

  Can we re-introduce home encryption, this time using fscrypt? Not only
  was this suggested (way prematurely) by the Ubuntu 18.04 release
  notes, it's also nearing completion with final patches scheduled for
  Kernel 5.4. It would be beneficial if we could get this as an option
  for Ubuntu 20.04 LTS.

  Resources:

  Encrypted home with fscrypt
  https://askubuntu.com/a/1031509/40475

  Kernel patches for fs keyring
  https://git.kernel.org/pub/scm/fs/fscrypt/fscrypt.git/log/

  Key managemekt fixes in fscrypt tools
  https://github.com/ebiggers/fscrypt/commits/fscrypt-key-mgmt-improvements

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/ubiquity/+bug/1842417/+subscriptions