Re: ecryptfs is unmaintained and untested
From: René Herman
Date: Mon Feb 16 2026 - 06:54:07 EST
It would be good to discuss how we can get the message out to users to
migrate off of eCryptfs so that functionality can be reduced and
eventually it can be removed.
What do folks think about the following?
1. Print loud warnings at mount time that eCryptfs is deprecated and
give a specific date when write support will be removed.
2. Remove write support at that date, while retaining read-only support
to allow any lagging users to move their data to fscrypt or other
alternatives.
3. Print loud warnings at mount that eCryptfs will be removed and give a
specific date.
4. Remove it.
Suggestions on lead times for #2 and #4 would be appreciated.
FWIW. Ever since Ubuntu dropped eCryptfs home-directory encryption already in I believe 18.04 from now 8 years ago, Linux Mint has probably been the single biggest consumer of eCryptfs: while based on Ubuntu, they've added back eCryptfs home-directory encryption in the installer ever since Ubuntu dropped it.
In the Mint project lead's latest blog he/they moreover proudly announced that their upcoming new & shiny GUI user-management tool will now support enabling home-directory also for at runtime added accounts (which up to now is done with adduser --encrypt-home from the command line only) rather than just the first, installer- created user account, and I am pretty much certain that the idea there still is *eCryptfs* home-directory-encryption. Mint is not the kind of project that routinely goes low-level.
https://blog.linuxmint.com/?p=4991
In any case then this is to say that they seem to not be planning on moving off of eCryptfs -- and Linux Mint is (probably?) the most popular Linux Distribution for/among new Linux users.
Have been commenting on this a bit as well on their forum, advocating for fully doing away with eCryptfs, but quite unsure that'll have any meaningful impact. Added the Mint project lead to the CC on this. If there's any progress to report on slashing eCryptfs he/they may want to be aware.
Regards,
Rene