Encryption Options

I use Windows 10 and both my internal system SSD and my portable hdd are encrypted with bitlocker. I doubt there is a bitlosker that is crossplatform, but is there some other whole-disk encryption options I can use? I would like it to work across Windows and Linux and Android, but any options are worth considering. Windows 10 has gotten a but too big for theor own britches!

The standard installer that you see when you boot the ISO has the option to-do full disk encryption.

Is that what you are after?

Possibly. Can I use the same encryption options after installation, both the internal SSD and external USB devices? I am installing on a tablet PC with only one USB port, which is taken by the boot USB to do the installation with, so until the installation is done, I cant use a keyboard, and based on previous times I have installed Budgie in this tablet, without the keyboard, I couldn’t use the installation option that included disk encryption.

1 Like

"You can encrypt your data after installation even though you didn’t choose to encrypt it during installation.

To encrypt your entire /home directory and, all it’s sub-directories, such as Documents, Downloads, Music, etc. read this link: how-to-encrypt-your-home-folder-after-installing-ubuntu that explains how to encrypt /home after you’ve installed Ubuntu. There are plenty of screenshots and narrative walking you through the process.

To summarize the link what you need to do is:

  1. Backup your data. Although the migration process uses a working backup you want your own just to be safe.
  2. Install the encryption software with sudo apt-get install ecryptfs-utils cryptsetup .
  3. Create a temporary account with sudo privileges. In order to encrypt your /home directory you can’t be logged on as yourself.
  4. Login with temporary account.
  5. Migrate your data from unencrypted /home directory to an encrypted /home directory using the command sudo ecryptfs-migrate-home -u user where “user” is your regular user name.
  6. Please note besides encrypting /home your swap partition can also be encrypted for maximum protection.
  8. Login with your regular user name. A random passphrase can be generated which you need to write down if something goes wrong in
    the future and you need to access /home folder manually.

Some people feel encrypting all of /home is overkill and can be too cumbersome when moving /home to another computer or different drive on the same computer. I tried encryption when I installed Ubuntu for the first time in 2014 but when I messed things up and had to reinstall Ubuntu I skipped the encryption option after reading problems other users encountered (although I never did have encryption problems).

If you don’t want to encrypt /home and all the sub-directories. You can have a single encrypted ~/.Private directory where you can keep certain files that need encryption such as “things I don’t want the NSA to know” or “wife’s surprise birthday party planning”. This is described here: EncryptedPrivateDirectory"

I copied this reply from: https://askubuntu.com/questions/820642/how-to-add-encryption-after-installation

I hope this helps you

1 Like

Great info. Thank you. In Windows 10 with Bitlocker used on my external USB HDD, I have to enter my passcode for that HDD before I can access it. Is there a similar feature to secure an external HDD in Ubuntu? If so, I will probably head back to Budgie. I really thought M$ has learned their lesson with buggy patches and fixes to fix fixes they broke with previous fixes, but apparently, there os no teaching that old dog new tricks.

1 Like

This will get you where you need to


1 Like