Encrypt your /home this Christmas: part three - moving your data to the encrypted partition

11 December 2007

0. The Plan

To quickly recap, I am suggesting that everyone encrypts at least their home directory by Christmas Day:

1. Copy your data to the encrypted partition

We want to copy the data from the existing home partition to our encrypted partition that will be the home partition after the switch.

The simplest way is to use cp:

cp -arv /home/* /mnt/sda4/

If you get any permission errors, use sudo at the front of the command to force it (you also might want to look into your permissions at some point).

Another option is to use rsync, which can be resumed after any interruption:

rsync -tarv /home/* /mnt/sda4/

Satisfy yourself that the data is the same in both directories. One useful check is to compare the amount of space used:

du -h --max-depth=0

Run the command in both directories and compare the numbers; for more precision, remove the -h argument.

Now is a good point to make a backup of your own irreplaceable files. You could use scp to make a copy over the network, or you could put them on a portable storage medium such as a CD. I personally did not bother backing up public files like podcasts or downloaded PDFs as I knew I could easily get these again if something went wrong.
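
A `du` total only tells you that roughly the same amount of data landed on the new partition; it will not notice a dotfile that the glob missed or a file that was cut short. The script below is an added example, not from the original post: it does the copy with `cp -a` and then compares a sorted sha256sum manifest of both trees, so every file is checked by content and path. It assumes GNU coreutils (sha256sum, find, diff) and builds a small constructed sample tree to run against.

```shell
#!/bin/sh
# Added example (not from the original post): copy a home tree and verify the
# copy file by file with sha256sum rather than trusting a `du` total.
# Assumes GNU coreutils; the sample tree at the bottom is constructed.

# tree_manifest DIR: one "hash  ./relative/path" line per regular file under
# DIR, sorted by path. Dotfiles are included because find does not skip them.
tree_manifest() {
    ( cd "$1" && find . -type f -exec sha256sum {} + | LC_ALL=C sort -k 2 )
}

# verify_copy SRC DST: return 0 when both trees hold exactly the same files
# with the same content; otherwise print a diff of the manifests and return 1.
verify_copy() {
    src_manifest=$(mktemp) || return 2
    dst_manifest=$(mktemp) || { rm -f "$src_manifest"; return 2; }
    tree_manifest "$1" > "$src_manifest"
    tree_manifest "$2" > "$dst_manifest"
    if diff -u "$src_manifest" "$dst_manifest"; then
        status=0
    else
        status=1
    fi
    rm -f "$src_manifest" "$dst_manifest"
    return $status
}

# copy_and_verify SRC DST: the copy step from the post (cp -a preserves
# ownership, permissions and timestamps), followed by the manifest comparison.
# "SRC/." copies the contents of SRC, dotfiles included, into DST.
copy_and_verify() {
    cp -a "$1/." "$2/" && verify_copy "$1" "$2"
}

# Demonstration on a constructed tree (runs stand-alone):
work=$(mktemp -d)
mkdir -p "$work/home/user/.ssh" "$work/home/user/Documents" "$work/crypt"
printf 'constructed private key\n' > "$work/home/user/.ssh/id_rsa"
printf 'constructed letter\n'      > "$work/home/user/Documents/letter.txt"
if copy_and_verify "$work/home" "$work/crypt"; then
    echo "copy verified: $(tree_manifest "$work/crypt" | wc -l | tr -d ' ') files match"
fi
# Damage one file in the copy and show the check catching it:
printf 'x' >> "$work/crypt/user/Documents/letter.txt"
verify_copy "$work/home" "$work/crypt" >/dev/null || echo "damage detected"
rm -rf "$work"
```

Run `verify_copy /home /mnt/sda4` as root after the copy; an empty diff and exit status 0 means every file made it across intact. The manifest is line based, so a filename containing a newline would confuse it, which is not a concern for a normal home directory.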

2. Remove non-sensitive files

The next step is to quickly go through the old /home directory and remove obviously non-sensitive files; this will save time as securely deleting (shredding) takes a little longer.

You can remove non-sensitive files using the rm command or through the graphical file manager. If you do remove files through the graphical file manager, do not forget to empty them out of the Trash as well.

I started by removing non-sensitive binary files such as random audio and video files, photos, academic materials and my Sandbox directory (where I make websites, scripts and code - most of it is open source or on the web already).

This reduced my home directory from 13G to 228M, or in other words, 98.25% of my home directory was obviously non-sensitive data. This is in part due to the fact that I have only had the computer for a few weeks.

3. Alter the File System table (again)

We added the encrypted partition to the file system table already in the last post, however now we want to change it so it mounts the encrypted partition as /home. So we need to edit the line in /etc/fstab to specify /home rather than /mnt/sda4 or whatever you called it.

So again we edit /etc/fstab with your favourite editor:

sudo emacs /etc/fstab

The line in my fstab now looks like this:

/dev/mapper/crypt-home /home  reiserfs  defaults  0   2

Now when we reboot, it will mount the encrypted partition as /home, protecting our files. However do not reboot yet; it is not quite mission accomplished as we have to get rid of the old copies safely.

4. How to shred sensitive files

After part two above, the final 1.75% of my home directory consisted of 6M of Email, 1.9M of sensitive Documents, a few K of private keys, and over 200M of hidden files, mostly application data; the largest items were 76M for tracker, 20M of downloaded RSS feeds, 10M for Mozilla, 10M of thumbnails, 5M for Enemy Territory, 2.5M for OpenOffice and 1.5M for gconf.

So I decided to shred all of this remaining 228M.

On all the major operating systems, deleting a file merely unlinks it, so that the operating system may write over that part of the disk in the future. Until that happens, however, the data is still in place on the disk and can (in theory) be recovered.

The shred command writes over a file repeatedly, making it very hard indeed to recover the data. The default is to write over a file 25 times, but you can set the number via a command line argument (-n); read the man page for details.

Again this may not stop someone who is really keen to get your data and has unlimited money, time, knowledge and computing power, but it is pretty effective otherwise.

Now the common mistake is to use the following command, and think that the file has gone:

shred file.txt

Here the data has been overwritten but the file is still linked to. You need to use the -u argument to unlink the file as well:

shred -u file.txt

5. Shred everything left within the /home partition

At this point, I have a copy of all the data within the encrypted partition (/dev/hda4) and I have also made a copy to another machine of everything important to me.

So now we are going to shred all the files that remain within the /home partition. Since some of these files are used by the running graphical environment, it is best to kill the graphical user interface (GUI) and do this from the command line (another option would be to use a LiveCD).

Killing the GUI is quite simple: we just stop the process that started it, which is normally the display manager, i.e. the login program.

On Gentoo:

sudo /etc/init.d/xdm stop

On Ubuntu:

sudo /etc/init.d/gdm stop

Start by logging in to the terminal using your normal username and password. Then move out of the home directory using:

cd ..

Then we become root:

sudo su

In the examples, I am imagining that my username is 'user', obviously you need to use your own username.

We need to recursively shred the contents of your user's home directory. There are two ways to go. The rather unsophisticated way is to keep adding a slash and a star until nothing is left:

shred -u user/*
shred -u user/*/*
shred -u user/*/*/*

A more fun way is to use find to do a recursive shred:

find -H user -type f -exec shred -u {} \;

Either way, we need to mop up the redundant directories:

rm -r user

That's it. If you have more users then rinse and repeat.
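
The two points from sections 4 and 5, that shred without -u leaves the directory entry behind and that find gives you a recursive shred, can be seen on a scratch tree before you do it for real. The script below is an added example, not from the original post; it assumes GNU shred (coreutils) and uses -n 1 only to keep the demonstration quick. The sample home directory it works on is constructed.

```shell
#!/bin/sh
# Added example (not from the original post): shred with and without -u, and
# the find-based recursive shred from the post, run on a constructed tree.
# Assumes GNU shred from coreutils; -n 1 keeps the demo fast.

# shred_without_unlink FILE: overwrite FILE in place but do not unlink it,
# the common mistake from the post. Returns 0 if the entry still exists.
shred_without_unlink() {
    shred -n 1 "$1" && [ -e "$1" ]
}

# shred_tree DIR: overwrite and unlink every regular file under DIR, then
# remove the now-empty directory skeleton. -H resolves DIR itself if it is a
# symlink but does not follow links inside, so a link pointing outside DIR
# is removed as a link rather than shredding its target.
shred_tree() {
    find -H "$1" -type f -exec shred -n 1 -u {} + && rm -r "$1"
}

# remaining_files DIR: number of regular files left under DIR (0 once DIR
# has been removed), printed without padding so it is easy to compare.
remaining_files() {
    [ -d "$1" ] || { echo 0; return; }
    find -H "$1" -type f | wc -l | tr -d ' '
}

# Demonstration on a constructed home directory (runs stand-alone):
demo=$(mktemp -d)
mkdir -p "$demo/user/.config" "$demo/user/Documents"
printf 'constructed settings\n' > "$demo/user/.config/settings"
printf 'constructed letter\n'   > "$demo/user/Documents/letter.txt"
printf 'constructed notes\n'    > "$demo/user/notes.txt"
echo "files before: $(remaining_files "$demo/user")"
if shred_without_unlink "$demo/user/notes.txt"; then
    echo "notes.txt overwritten but still present (no -u)"
fi
shred_tree "$demo/user"
echo "files after:  $(remaining_files "$demo/user")"
rmdir "$demo"
```

On the real machine the call is `shred_tree user` from /home as root, after the GUI has been stopped as described above, so no running program is still holding files open in the tree.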

When you reboot, the encrypted partition will mount as /home. Hopefully, everything has gone well and you are done. Your personal data is now far better protected should the computer be physically stolen.

Footnote: Ext3 journal modes

The Ext3 filesystem is slightly confusing, as it has changed its behaviour over different versions and the documentation in man pages and on the web does not seem to have caught up.

In earlier versions of ext3, the default mode was to write the data to the journal itself, so data could sometimes be recovered from the journal, making shred ineffective on individual files: you had to shred the whole device to be sure the data was really gone.

However, the default mode in modern versions of ext3 is 'ordered mode', which only writes metadata to the journal, meaning shred works again.

On the topic of shred and journaled filesystems, there is some useful discussion and links on the Linux questions Wiki.

Update

In an extra post we have updates and feedback.

1 Justin says...

Could srm be used in place of shred? Is there any reason to use shred over srm?

Posted at 3:26 a.m. on December 17, 2007


2 Guba says...

How would one go about when it comes to a clean reinstall of either the entire hard disk or merely the /home partition? That is the bit I am worried about and hinders me in encrypting the damn thing.

Guba

Posted at 2:05 a.m. on February 2, 2008


3 huntsville says...

Well, I finally did this. My /home partition on my home computer (desktop) is now encrypted. Fairly simple, thanks to your steps Zeth!

-- huntsville

Posted at 3:52 p.m. on May 21, 2008



About

Hello, my name is Zeth, I'll be your host here.

Command Line Warriors is about taking control of your own technology, it looks at our experiences of computing; especially using GNU/Linux, the Python programming language, the command-line and issues such as techno-ethics, best practices and whatever is cool now. If you take control of your technology then you are a Warrior too!
