Encrypting directories with eCryptfs
Encrypting entire partitions is cool, but you might, at times, just need to use file-level encryption to encrypt an individual directory. For that, we can use eCryptfs. We’ll need to use our Ubuntu machines for this, because Red Hat and its offspring no longer include eCryptfs. (It was in Red Hat 6 and CentOS 6, but it’s no longer even available for installation in any newer versions.)
Tip :
It’s possible to use eCryptfs on a LUKS-encrypted disk. But, it’s not at all necessary, and I really don’t recommend it.
Hands-on lab – encrypting a home directory for a new user account
In Chapter 3, Securing Normal User Accounts, I showed you how Ubuntu allows you to encrypt a user’s home directory as you create his or her user account. To review, let’s see the command for creating Goldie’s account:
- If it hasn’t already been done, install the
ecryptfs...
