How to stop using built-in home directory encryption?

Googling around, I found this post:

Not to bring up an old thread but in case anyone has errors trying to follow these instructions, here is what I did.

1. Backup the home directory while you are logged in sudo cp -rp /home/user /home/user.backup

   1.1. Check that your home backup has everything!!!

2. reboot into root via grub
3. Delete your home directory rm -rf /home/user
4. Remove the packages apt-get remove ecryptfs-utils libecryptfs0
5. Restore your home directory mv /home/user.backup /home/user
6. reboot
7. Remove any of those .Private .ecryptfs folders rm -rf ~/.Private rm -rf ~/.ecryptfs
8. Yay!

This worked for me. Home folder file permissions stay intact and does not bugger up Dropbox or git repos. Some reason my fresh install on Ubuntu 9.10 would not do the first command. Just make sure you think the process through when using rm -rf. Just wanted to post this not only for my record, but anyone else who encounters problems.

Some notes

• reboot into root via grub was a bit unclear to me; I didn't reboot, just switched to using root (another user account with sudo privileges would work equally well).
• Before removing the packages ecryptfs-utils and libecryptfs0 would work, I needed to remove /home/.ecryptfs/<myusername>. (It complained that ecryptfs-utils was in use.)

Other than that, this worked for me. It's far from simple though, so feel free to post better solutions!

Here you are, hope this helps (see ecryptfs-setup-private(1)):

$ ecryptfs-setup-private --undo

The output claims:

In the event that you want to remove your eCryptfs Private Directory setup, you will need to very carefully perform the following actions manually:

1. Obtain your Private directory mountpoint

   $ PRIVATE=`cat ~/.ecryptfs/Private.mnt 2>/dev/null || echo $HOME/Private`
   

2. Ensure that you have moved all relevant data out of your $PRIVATE directory

3. Unmount your encrypted private directory

   $ ecryptfs-umount-private
   

4. Make your Private directory writable again

   $ chmod 700 $PRIVATE
   

5. Remove $PRIVATE, ~/.Private, ~/.ecryptfs

   Note: THIS IS VERY PERMANENT, BE VERY CAREFUL

   $ rm -rf $PRIVATE ~/.Private ~/.ecryptfs
   

6. Uninstall the utilities (this is specific to your Linux distribution)

   $ sudo apt-get remove ecryptfs-utils libecryptfs0
   

1st thing to do: BACKUP YOUR HOME. I can't say it louder... basically undoing encryption is equivalent to resetting (rm -rf) your home, which is in fact hidden by a mount.

2nd step: log out of any desktop manager and go to a virtual console (Ctrl + Alt + F3)

Finally, for details:

ecryptfs-setup-private --undo

In the event that you want to remove your eCryptfs Private Directory setup, you will need to very carefully perform the following actions manually:

1. Obtain your Private directory mountpoint PRIVATE= cat ~/.ecryptfs/Private.mnt 2>/dev/null || echo $HOME/Private

2. Ensure that you have moved all relevant data out of your $PRIVATE directory

3. Unmount your encrypted private directory

   ecryptfs-umount-private
   

4. Make your Private directory writable again

   chmod 700 $PRIVATE
   

5. Remove $PRIVATE, ~/.Private, ~/.ecryptfs Note: This is very permanent, be very careful.

     rm -rf $PRIVATE ~/.Private ~/.ecryptfs
   

6. Uninstall the utilities

    sudo apt-get remove ecryptfs-utils libecryptfs0
   

I would say step 5 is a bit wrong : there's no need to delete $PRIVATE, which was for me my home....

After .Private and .ecryptfs deletion, just restore your home :]

This steps will work in a server environment

1. Backup your home directory

   sudo cp -rp /home/$USER /home/$USER.backup
   

2. Confirm whether everything is backup

   sudo ls -al /home/$USER.backup
   

3. Umount the home folder, because the encryption program usually mounts it to mount point e.g /home/$USER,also known as $HOME. You can confirm your mount point by running df -h $HOME. You will have to cd /tmp (or some other non-$HOME directory) to be able to unmount $HOME.

   cd /tmp
   sudo umount /home/$USER
   

4. Delete the old home folder

   sudo rm -rf /home/$USER
   

5. Remove encrytion program file

   sudo rm -rf /home/$USER.backup/.ecryptfs
   

6. Remove encryption utillities from the system

   sudo apt-get remove ecryptfs-utils libecryptfs0
   

7. Restore unencrypted home folder back to it original path

   sudo mv /home/$USER.backup /home/$USER
   

8. Change ownership of the restored folder back to your user

   sudo chown -R $(id -u):$(id -g) /home/$USER
   

9. Logout/Login, to be sure all user stuff gets restarted right (or that errors will occur while you remember what you're done).

Adding another guide to the long list after I realized that the most intrusive steps mentioned elsewhere are not necessary.

My guide needs no reboot and I have successfully finished it over SSH. It should also work if there are other eCryptfs mounts on the machine.

The only non-obvious requirement is to be able to login as another user with sudo access.

1. Login as the user with the encrypted home directory (called user in this guide).

2. Just to keep the paths in the following steps simple and symmetric:

   cd /home
   

3. Duplicate the decrypted home folder contents to another directory.

   sudo cp -rp user user.new
   

4. Logout (exit or logout). Login as another sudoer.

5. Check that the eCryptfs mount is unmounted. Do not umount it manually, it may lead to data loss! (Experienced myself. I was having another SSH session with user logged in.)

   mount | grep ecryptfs
   

   The output must be empty. Or, if there are any other eCryptfs mounts, it must not contain /home/user.

6. Just like step 2.

   cd /home
   

7. Mark the duplicate as not being managed with eCryptfs. (There is no need to uninstall eCryptfs packages, especially when there are other eCryptfs mounts.)

   sudo rm user.new/.ecryptfs user.new/.Private
   

8. Move the not encrypted home directory into place.

   sudo mv user user.old && sudo mv user.new user
   

9. Login as user and check that everything works and eCryptfs does not kick in.

   mount | grep ecryptfs
   

10. Remove the original contents of user’s home folder and the encrypted data.

    rm -r /home/user.old
    sudo rm -r /home/.ecryptfs/user
    

Jonik’s explanation works well. But instead of step 2, I did:

1. Logout
2. Press Ctrl+F4. A command line interface should open.
3. Login as root
4. rm -rf .ecryptfs

Then, instead of step 6: Press Ctrl+F7. If your GUI login screen does not appear, press Ctrl+F8.

• if you can backup to an external storage, do it. (Not directly needed, but always good before file manipulation.)

• get familiar with tty, at least a little. (Press Ctrl Alt F7, Ctrl Alt F1 etc.) You will need to work with two tty-s. One root and one of your main user.

• log in as root on a separate tty, create a new home directory

  mkdir /home/user.newdir
  chown user:user /home/user.newdir
  

• log out of the graphical session. You can reboot to make sure no programs are working from under your normal user.

• log in as your normal user on a separate tty, move all your files to the new destination:

  mv ~/* /home/user.newdir/
  

• using the root tty, rename the directories:

  mv /home/user /home/user.encfs
  mv /home/user.newdir /home/user
  

• everything should work by now.:) Once you're ready, remove the old files /home/.encryptfs, /home/user.encfs, /home/user/.Private, /home/user/.encryptfs. If you want, you can rename them first and remove them later.

I didn't use any of the answers here. Instead (in Ubuntu Studio 14.04):

1. I copied all the files I wanted to keep, especially all the .* files, into a directory outside $HOME.
2. I created a new user (System > Users and Groups) and added that user to the sudo group. I left the box "Encrypt home folder to protect sensitive data" unchecked.
3. I logged out and logged back in as the new user then deleted my original account, checking to see what the numerical UID was first (advanced options), selecting the option to delete the files in my original $HOME. This completed but with an "unknown error". Checking in /home I could see that my old $HOME was gone
4. I re-created my original user account checking to see that it was created with the original numerical UID, which it was, and being sure to leave the "Encrypt home folder to protect sensitive data" box unchecked.
5. I deleted the new, practically empty, version of my original $HOME directory and renamed my back-up of $HOME to my original $HOME and logged out.
6. I logged into my new original account and it was as if nothing had happened.
7. I checked /home to find a directory .ecryptfs which I removed with no ill effect.

I see no reason that removing the package which provides for encrypted home directories should not be optional, and I've deferred removing the new user account I created for this purpose since I think it might come in handy in future.

My reason for doing this? The old computer looks like it's failing. When it does fail, I want to be able to access the HD on another computer without any hassles.

In Ubuntu 16.04 these steps were performed:

1:sudo cp -rp /home/USERNAME /home/USERNAME.backup

2:sudo -i

3: umount -fl /home/USERNAME

4:rm -rf /home/USERNAME

5:apt-get remove ecryptfs-utils libecryptfs0 -s

6:mv /home/USERNAME.backup /home/USERNAME && rm -rf /home/USERNAME/.Private && rm -rf /home/USERNAME/.ecryptfs

7:reboot now

Simple solution which worked for me:

You should have another user with sudo access

1. Reboot
2. On login screen press CTRL+ALT+F1
3. Login as the other user (with sudo access)
4. sudo rm -rf /home/youruser/.ecryptfs
5. sudo rm /home/youruser/.Private
6. sudo apt-get remove --purge ecryptfs-utils libecryptfs1
7. sudo reboot
8. Login as your user and enjoy your home dir without encryption ;)