ecryptfs-manager

ecryptfs-manager [options]

-h
    Displays a brief help message and exits.


--help
    Displays a more detailed help message and exits.

ecryptfs-manager provides an interactive interface for managing eCryptfs encrypted directories. It simplifies common encryption tasks such as creating new encrypted directories, mounting existing ones, unmounting them securely, and changing passphrases for existing encrypted mounts. Acting as a user-friendly frontend, it abstracts away the complexities of the underlying ecryptfs-utils command-line tools. While eCryptfs itself is a kernel-level stacked filesystem that performs cryptographic operations on the fly, ecryptfs-manager streamlines the initial setup and day-to-day management of these encrypted mounts. This utility was particularly useful for setting up home directory encryption or creating private user directories, offering a layer of data protection for specific user data. It is commonly found as part of the ecryptfs-utils package and was historically a prominent feature on Ubuntu and other Debian-based systems for simplifying home directory encryption for many users.

eCryptfs has largely been superseded by other encryption methods like LUKS for full-disk encryption and fscrypt for per-directory encryption on modern Linux distributions, primarily due to considerations around performance, complexity, and ongoing maintainability. Data recovery can be exceptionally challenging if the passphrase is lost or if the underlying .ecryptfs structures become corrupted. Using eCryptfs introduces a noticeable performance overhead due to the on-the-fly encryption and decryption operations.

The primary function of ecryptfs-manager is to launch an interactive user interface. This interface can manifest as a text-based curses UI in a terminal or a graphical UI if X is available and the necessary dependencies are met. Users navigate this interface to perform various management tasks, such as creating new encrypted directories, mounting existing ones, unmounting them, and managing passphrases, rather than relying on complex command-line arguments.

Unlike full-disk encryption solutions (e.g., LUKS), ecryptfs-manager is specifically designed to simplify the management of individual encrypted directories. This typically includes a user's home directory or a designated 'Private' directory, offering a localized layer of data protection rather than encompassing an entire storage device or partition.

eCryptfs was a prominent choice for home directory encryption in Ubuntu for several major releases (e.g., up to 16.04 LTS). ecryptfs-manager was developed to provide a simpler, interactive interface for users to manage their eCryptfs setups, thereby abstracting away some of the complexities of the underlying ecryptfs-utils commands. Its general usage has declined in recent years, largely in favor of newer, more robust, and often faster encryption solutions like LUKS (for Full Disk Encryption) and fscrypt (for per-directory encryption) on contemporary Linux systems.

ecryptfs(7), ecryptfs-mount-private(1), ecryptfs-unwrap-passphrase(1), mount(8), cryptsetup(8), fscrypt(8)