Encryption Home Directory – How to Move Encrypted /home to a New Computer

deja-dupecryptfsencryptionhome-directorytransfer

Hi I have a new notebook and I want to move my home data to the new computer.

I think there are multiple ways of doing this

copy all to a external hdd and move back on new computer
do an Deja-Dup backup and then restore on the new computer
rsyc/move to new computer via sshfs
…?

My question is how do I keep the current ecrypt encryption of /home in place and get it working properly on the new computer.
How do I have to install the new computer so I can use the encrypted home files from the old?

If I would use Deja-Dup do I need to worry about the ecrypt stuff on the old machine or does the new installation simply enctypt everything new?

Best Answer

Great question! I actually do this quite frequently (every few months). To do so, I use rsync to copy all of my /home partition/directory from the OLD machine to the NEW one.

First, ensure that you have openssh-server and ecryptfs-utils installed and running on the NEW machine.

sudo apt-get install openssh-server ecryptfs-utils

You could install your public SSH key in the root user's /root/.ssh/authorized_keys file. But I usually set a root password on the NEW machine.

sudo passwd

Also, on the NEW machine, create a new user, who's name and password precisely matches the name and password on the old machine.

sudo adduser YOURUSER

Make absolutley sure that YOURUSER is NOT currently logged into either the NEW machine or the OLD machine.

Now, from the OLD machine, as root, rsync your /home directory from the OLD to the NEW machine:

sudo rsync -aP /home/ NEW:/home/

Finally, make absolutely sure that the files on the NEW machine are owned by YOURUSER:

sudo chown -R /home/.ecryptfs/YOURUSER /home/YOURUSER

And that should do it! You should be able to login as normal to your NEW machine and read and write your data!

Full disclosure: I'm the author and maintainer of Ubuntu's Encrypted Home Directory feature.

Related Solutions

Ubuntu – Recovering from a move of /home when it’s encrypted (ecryptfs)

sudo ln -s /home/.ecryptfs/$USER/.Private /home/$USER/.Private
sudo ln -s /home/.ecryptfs/$USER/.ecryptfs /home/$USER/.ecryptfs
sudo chown $USER:$USER /home/$USER

Then log out and log back in. Note that these commands probably need to run as root (using sudo), as an unmounted /home/$USER might be readonly.

Ubuntu – Recovering data from Private in an ecryptfs backup when the new home is also encrypted

The best way to recover is by using the ecryptfs-recover-private utility from a LiveISO.

I say that because this will ensure that your recovery happens in a safe, repeatable, read-only environment.

That said, you certainly can run ecryptfs-recover-private on a running system. But I'd strongly recommend that you log out all instances of the user you're trying to recover, and then login as root or some other user.

Best Answer

Related Solutions

Ubuntu – Recovering from a move of /home when it’s encrypted (ecryptfs)

Ubuntu – Recovering data from Private in an ecryptfs backup when the new home is also encrypted

Related Question