Will an external HDD encrypted with 17.10 be accessible with 18.04 after an upgrade?

Question

I'm currently on 17.10 and don't use encryption on my internal drives but have an external USB disk which is encrypted. I use it for backups.

Because I am was not sure whether I use ecryptfs or cryptsetup I show the steps it took to set up the external disk:

Activities → Disks → Select drive → Create Partition → Format Volume:
Enter Password (twice) → Create

When I plug in the HDD, Ubuntu prompts me to enter the passphrase and then mounts it. It works like a charm and I'm able to write my backups to that external disk. There are no .Private folders and no other files besides the one I put there (plus the lost+found folder). For illustration I used a 4GB stick here but the steps were the same with the actual disk.

From some comments I learned this happens to be cryptsetup then and not ecryptfs.

What will happen when I upgrade to 18.04? Given 18.04 doesn't support encryption by default, I'm afraid I cannot restore my backups any longer.

Will it make a difference when I don't upgrade but do a fresh install?

per my answer below, all I had to do after upgrade was install cryptsetup and everything worked fine. — Joshua Besneatte, Jul 15 '18 at 14:58
@David: I just updated my post and am now thinking that I do NOT use "ecryptfs" but "cryptsetup". — PerlDuck, Jul 16 '18 at 11:45

Joshua Besneatte · Accepted Answer · 2018-07-16T16:00:52.337

5

You should have no trouble mounting the external drive as long as you have cryptsetup:

sudo apt install cryptsetup

Once this is installed you will be able to mount the drive via file browser.

edited Jul 16 '18 at 16:00

answered Jul 15 '18 at 14:32

Joshua Besneatte

4,643
5
21
40

1

all I know is that after upgrade to 18.04 I had to install cryptsetup to mount my drives in file browser where I was then able to tell it to automount and save password – Joshua Besneatte Jul 15 '18 at 17:11
OP clarified that they meant cryptsetup/LUKS and not ecryptfs. So never mind… – David Foerster Jul 16 '18 at 11:59

score 3 · Answer 2 · answered Jul 16 '18 at 18:36

You are using LUKS so Ubuntu is using cryptsetup behind the scene. Normally, encrypted volumne with LUKS should still work after an upgrade unless the default encryption method has changed.

There was a time many years ago, the default aes-cbc-plain was changed and that causes some drives not to mount unless the old encryption method is specifed explicitly. There is no such change between 17.10 and 18.04, so your situation should be okay.

NB: In Ubuntu 18.04, cryptsetup should came installed by default but if you wish to use cryptsetup as a command line tool in bash, you should install cryptsetup-bin

sudo apt-get install cryptsetup-bin

score 1 · Answer 3 · answered Jul 16 '18 at 12:09

I recommend that you boot a live system with Ubuntu 18.04 and simply try it out.

In any case you don't need to worry about data loss between releases, installations, or systems since with LUKS all the necessary parameters are stored in the volume header. Just make sure that cryptsetup is installed and don't lose your passphrase and/or key files!

If Ubuntu 18.04 lacks an auto-mount feature that asks for a decryption key upon device connection please ask a new question and I'm sure we can cook up some Udev magic to replicate this feature.

Will an external HDD encrypted with 17.10 be accessible with 18.04 after an upgrade?

3 Answers3

Linked