Ubuntu 12.10 Adds Full Disk Encryption – FINALLY!

Any one who uses Ubuntu will know that during the installation of Ubuntu you have the option to encrypt your home folder. This is all well and good but it means that only your home folder is encrypted which means, should your machine fall into the wrong hands your system can still be booted up.

In the Ubuntu 12.10 Beta, there is now an option to encrypt the whole of the disk before installation. If you decide to encrypt your drive then you will be asked to set an encryption key. You will then be asked to insert your key every time you boot your machine before being allowed to get into Ubuntu.

This is a great addition to Ubuntu but it does come with one huge caveat - if you forget your encyption key, you will not be able to boot your machine. This means that your key should be complicated (so it isn’t easy to crack) yet easy to remember. If you’re not sure what to set, why not take a look at our guide to creating secure yet easy to remember passwords. I would also suggest that you set a different encryption key to your system password.

I am very big on security and I currently encrypt my hard drive using Truecrypt – it’s a great tool but now that this is available natively in Ubuntu I will certainly be taking advantage of the new feature.

With Ubuntu 12.10 now being in beta and a lot of parts being subject to a feature freeze, it’s reasonable to presume that this feature will be present in the actual release of Ubuntu 12.10 but we can’t be 100% sure until release day on 18th October 2012.

Will you be taking advantage of the new disk encryption feature in Ubuntu 12.10? Do you encrypt now? If so, what do you use?

Ubuntu 12.10 Adds Full Disk Encryption – FINALLY!
User Rating: 5 (1 votes)
  • http://techeverytime.com/ Ankur

    if I forget the key, will I be able to boot windows ?

    • http://www.refugeeks.com/ Kev Quirk

      At this point im not 100% sure if 12.10 encrypts just the Ubuntu installation partitions or if it’s the whole disk. If it’s the former then you maybe able to provided a separate boot loader is created by the installer and that isn’t encrypted.

      If it’s the latter, or if the boot loader is encrypted as part of the Ubuntu installation then no, you won’t be able to boot to Windows (or any other OS) without the key.

      • http://techeverytime.com/ Ankur

        Thats exactly what i was not sure of. I think it would be illogical to encrypt boot loader.

      • Thomas Wright

        This feature is just a GUI for setting up the standard Linux LUKS feature; this means that everything except your boot loader is encrypted and your boot loader will ask for your key when booting Ubuntu or otherwise boot as normal. Ecryptfs is different as the encryption is per user, and the key is tied to your user password.

  • Agmenor

    I’ll try that for my next installation. By the way, is this bug with Baobab Disk Usage Analyser fixed : http://askubuntu.com/questions/14208/why-does-an-encrypted-folder-totally-fill-my-home-folder ?

  • Mark

    It’s been available on the alternative cd forever. Is the point that you are making simply that it is I on the gui installer now?

  • Neemobeer

    Can you encrypt the disk if you upgrade from 12.04 to 12.10 via the update manager?

    • http://www.refugeeks.com/ Kev Quirk

      I’m not sure as I’ve done a re-install rather than an upgrade. If you still want to encrypt your drive you could use Truecrypt if it’s not supported via the upgrade path.

  • http://www.facebook.com/martin.ronn.bundgaard Martin Rønn Bundgaard

    Full disk encryption has been available in Ubuntu for some years using the alternative CD