Ubuntu – How to safely back up the “Private” folder


I have an ecryptfs "Private" folder in my home directory, and it is set up to automatically mount whenever I log in. I want to set up automatic backups to a network drive, but I don't want the contents of Private to be readable on the remote server. My understanding is that the Ubuntu "Backup" utility would run while I'm logged in, so it would see the folder contents without encryption. I'm backing up from a laptop, so it is essentially only on when I am logged in.

I know that the Private folder is essentially a mounted filesystem, so it seems like I should be able to backup the encrypted image rather than the cleartext contents.

What steps are needed to safely back it up, while maintaining the encryption? Note that I'm already familiar with the backup tools available, this question is about dealing with the ecryptfs folder safely.

Best Answer

As it turns out, the .Private filesystem is ecryptfs, which contains a separate encrypted file for each item.

My solution is to backup the contents of ~/.Private (even though it is mounted at the time). The backup process should handle any changes in that folder gracefully since they are individual files.