I have just discovered that home-folder encryption has been removed from Ubuntu because, it seems, it is considered buggy and under-maintained. Full-disk encryption is recommended as an alternative.
Reference: https://www.linuxuprising.com/2018/04/how-to-encrypt-home-folder-in-ubuntu.html As you already know, full-disk encryption wipes any existing OS such as Windows. Therefore, this gives extra impetus to this bug report. Phillip, I posted the message on the board as you requested, but as there has been no reply, I consider this request to be fully valid. ** Description changed: In today's world, especially with the likes of the EU's GDPR and the many security fails, Ubuntu installer needs to support full-system encryption out of the box. This means encrypting not only /home but also both root and /boot. The only parts of the system that wouldn't be encrypted are the EFI partition and the initial Grub bootloader, for obvious reasons. It should also not delete other installed systems unless explicitly requested. - Using LUKS and LVM, it is already possible... + On top of this, the previous method of encrypting data (ecryptfs) is now + considered buggy, and full-disk encryption is recommended as an + alternative. Unfortunately, the current implementation of full-disk + encryption wipes any existing OS such as Windows, making the + implementation unusable for most users. + + Now, using LUKS and LVM, it is already possible to have full-disk + encryption (strictly, full-partition encryption because it leaves any + existing OS alone), while encrypting /boot. Reference: https://help.ubuntu.com/community/ManualFullSystemEncryption ... but with one major limitation: Grub is incorrectly changed after an update affecting the kernel or Grub, so that a manual Grub update is required each time this happens (this is fully covered in the linked instructions). If the incorrect Grub change is fixed, it should be (relatively) simple to support full-system encryption in the installer. -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1773457 Title: Full-system encryption needs to be supported out-of-the-box including /boot and should not delete other installed systems To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/ubiquity/+bug/1773457/+subscriptions -- ubuntu-bugs mailing list [email protected] https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
