Ecryptfs-Desktop-Ui

  • Launchpad Entry: https://blueprints.launchpad.net/ecryptfs/+spec/ecryptfs-desktop-ui/

Summary

Currently there is no graphical utility to configure ecryptfs-utils once installed; however, some experimental work has been done at https://launchpad.net/ecryptfs-gui. Ideally in Jaunty a graphical utility would be included in ecryptfs-utils that allows a user to set up, manage, and configure encrypted directories such as Private and Home.

Release Note

A new entry "Encrypted Directories" now appears in System -> Preferences after installing ecryptfs-utils, allowing users to set up, configure, and manage encrypted directories.

Rationale

Desktop users would benefit from a non-terminal solution to configuring and maintaining encrypted directories.

Use Cases

  • Kevin is comfortable with installing ecryptfs-utils via Synaptic but is not comfortable with a terminal and would like a graphical application to allow him to set up an encrypted Private directory.
  • Mariya has an encrypted Private directory but needs a way to easily toggle automatic mounting/unmounting at login/logout.
  • Enub would like to unmount and mount his encrypted directory occasionally during his session.
  • Mark would like a utility to guide him through setting up an encrypted home directory.

Assumptions

Currently the UI assumes that the user has installed ecryptfs-utils and configured Private or their home directory. Ideally, however, this will be abstracted to:

  • Detect if there is no encrypted Home/Private, and if not, walk the user through setting up a Private.
  • More ideally, if the UI goes in a place in some other Encryption preferences UI, detect if ecryptfs-utils is installed and if not, offer to do so.

Design

We suggest that the following functionality might be integrated into Ubuntu under:

  • System -> Preferences -> Encryption and Keyrings

perhaps as a new tab after Encrypted and PGP Passphrases.

Graphical configuration front-end utilities are needed for each of the following ecryptfs command line utilities:

| Utility | Description | Status |
|---|---|---|
| ecryptfs-add-passphrase | Enter a passphrase as a text string and this utility will add it to the kernel keyring | Needed |
| ecryptfs-insert-wrapped-passphrase-into-keyring | Enter the login passphrase as a text string and this utility will unwrap ~/.ecryptfs/wrapped-passphrase and add it to the kernel keyring | Needed |
| ecryptfs-mount-private | Enter the login passphrase as a text string and this utility will mount the private directory | Needed |
| ecryptfs-rewrap-passphrase | Enter the old wrapping passphrase and the new passphrase, and this utility will rewrap the wrapped passphrase | This one may not be needed--this is handled by PAM on password change |
| ecryptfs-setup-private | This utility will set up an encrypted private directory (or home directory); it takes several options and has several operating modes; this will definitely be the most complicated UI utility | Needed |
| ecryptfs-umount-private | This utility will unmount a mounted encrypted private or home directory | Needed |
| ecryptfs-unwrap-passphrase | Enter the login passphrase as a text string and this utility will unwrap and display the mount passphrase; this is the most important interface to implement; users MUST be able to retrieve their mount passphrase for archiving/off-site-storage/escrow, particularly when randomly generated | Needed |
| ecryptfs-wrap-passphrase | Enter a passphrase to wrap and a wrapping passphrase, and this utility will wrap the passphrase and store it in a file | Probably not necessary to implement this one |
| keyctl show | List current keys in this user/session's current kernel keyring | Would be nice to have |
| keyctl clear @u | Clear current keys in this user/session's current kernel keyring | Would be nice to have |

Additionally, for proper desktop integration, a UI should:

  • Integrate with the file manager for easy and intuitive [un]mounting when in the Private directory.
  • Toggle automatic mounting/unmounting at login/logout.
  • If Home is encrypted via the installer, make sure the user understands the incredible importance of storing their passphrase, such as via a tray icon that stays until they have done so.
    • This item is very important

Implementation

  • API
    • DONE: create Python API so anyone can easily manipulate ecryptfs
    • DONE: get private directory location and implement getMounted() via new file in Jaunty
    • ship with ecryptfs and symlink into site-packages, or otherwise make available to system
      • decide on python module name (just ecryptfs?)
  • Gnome
    • Create GTK utility for managing options:
      • DONE: [Un]mounting
      • DONE: Toggling automatic login/logout mounting/unmounting
      • Display unwrapped passphrase for easy copying/printing
      • Setup Private if no encrypted Home/Private exists
      • Integrate into System > Preferences > Encryption and Keyrings as tab "Encrypted Directory"

        • Tab should either always be there or never (otherwise confusing user experience) so if ecryptfs-utils isn't installed, have a button to install it.
      • Ensure UI changes appropriately between states:
        • if a user installs ecryptfs via UI, now show setup private UI
        • if a user sets up private with UI, now show settings
        • perhaps best done with three panels: install, setup, manage, with only the appropriate being enabled. Anything above the enabled one is hidden, and anything below the enabled one is disabled.
    • Integrate "locking" and "unlocking" into nautilus. Mockup: http://launchpadlibrarian.net/17440012/mockup.png

    • DONE: Notify user of importance of writing down passphrase: via InteractiveUpgradeHook
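
The three-panel state logic and a mounted check described above, as an added Python sketch (not the project's own Python API). The function names are hypothetical, and treating an existing ~/.ecryptfs/wrapped-passphrase as the sign that setup is complete is an assumption.

```python
import os
import shutil

PANELS = ("install", "setup", "manage")  # top-to-bottom order from the spec

def utils_installed():
    """ecryptfs-utils is treated as installed if its setup tool is on PATH."""
    return shutil.which("ecryptfs-setup-private") is not None

def detect_state(home, have_utils):
    """Pick the single panel that should be enabled for this user."""
    if not have_utils:
        return "install"
    # Assumption: an existing wrapped passphrase means setup has been done.
    wrapped = os.path.join(home, ".ecryptfs", "wrapped-passphrase")
    return "manage" if os.path.isfile(wrapped) else "setup"

def panel_states(enabled):
    """Panels above the enabled one are hidden, panels below are disabled."""
    idx = PANELS.index(enabled)
    return {name: "hidden" if i < idx else "enabled" if i == idx else "disabled"
            for i, name in enumerate(PANELS)}

def is_mounted(mountpoint, mounts_text):
    """True if an ecryptfs filesystem is mounted on mountpoint.

    mounts_text uses the /proc/mounts layout: device, mount point, type, ...
    Spaces in paths appear there as the escape \\040.
    """
    for line in mounts_text.splitlines():
        fields = line.split()
        if len(fields) >= 3 and fields[2] == "ecryptfs":
            if fields[1].replace("\\040", " ") == mountpoint:
                return True
    return False

# Constructed sample in /proc/mounts format (not captured from a real system).
SAMPLE_MOUNTS = (
    "/dev/sda1 / ext3 rw,relatime 0 0\n"
    "/home/kevin/.Private /home/kevin/Private ecryptfs rw,relatime 0 0\n"
)

if __name__ == "__main__":
    home = os.path.expanduser("~")
    state = detect_state(home, utils_installed())
    print(state, panel_states(state))
    print(is_mounted(os.path.join(home, "Private"), SAMPLE_MOUNTS))
```

Checking the filesystem type as well as the mount point keeps the UI from reporting "unlocked" when something other than eCryptfs is mounted on the Private path.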

Code Changes

  • Gnome
    • adding UI as tab to Encryption and Keyrings
    • nautilus hook
    • encrypted Home tray icon

Mockup

mockup.png

Test/Demo Plan

It's important that we are able to test new features, and demonstrate them to users. Use this section to describe a short plan that anybody can follow that demonstrates the feature is working. This can then be used during testing, and to show off after release.

This need not be added or completed until the specification is nearing beta.

Unresolved issues

Future

There are a few items which would be nice and/or intuitive to have in an interface that configures encrypted directories, but lack underlying support in ecryptfs.

  • Undo encryption
    • n.b. This would require some complex support in ecryptfs-utils -- Dustin is working on this in the background as part of his "live migration to/from encrypted directories" effort

  • Migrate unencrypted Home directory to encrypted Home directory
    • Let's handle this as a separate spec. It's a lot of work, and I'm working on it. -- DustinKirkland

BoF agenda and discussion

  • IMHO we'd rather have an encrypted Private directory working out of the box than a tool to configure it. Why do we need to bloat the Preferences menu even more? What the user wants is a ~/Private folder with a little logo to tell him his files are encrypted in it. At most, maybe a Nautilus extension so that some config options appear in the Properties dialog of the Private folder, but nothing more. Nobody wants to mount/unmount the encrypted folder manually, and the tool does automounting in such a great way ATM.
    • I think the consequences of losing data are too important to have a Private directory by default, it really needs to be an opt-in scenario. And then following this, file properties will only work to modify existing directories, how do you create one? A properties Tab that contains a button to the Encryption and Keyrings isn't a bad idea, but I do believe Encryption and Keyrings is more intuitive than adding an 8th tab in the file manager properties. -mrooney
      • I second the notion of putting this in System -> Preferences -> Encryption and Keyrings

  • mockup.png - Inconsistent use of "locked" and "encrypted". Suggest to use "encrypted" only. (If the dialog is ever used.) -- PetrB



Specs/Ecryptfs-Desktop-Ui (last edited 2009-11-17 18:50:56 by 63)