There are several threads concerning deactivating encryption by ecryptfs on a home directory. A selection is listed below. All (seem to) suggest that the current home directory will be wiped out by the process of removing encryption.
The output of ecryptfs-setup-private --undo says
In the event that you want to remove your eCryptfs Private Directory setup, you will need to very carefully perform the following actions manually:
- Obtain your Private directory mountpoint $ PRIVATE=
cat ~/.ecryptfs/Private.mnt 2>/dev/null || echo $HOME/Private- Ensure that you have moved all relevant data out of your
$PRIVATEdirectory- Unmount your encrypted private directory
$ ecryptfs-umount-private- Make your Private directory writable again
$ chmod 700 $PRIVATE- Remove $PRIVATE, ~/.Private, ~/.ecryptfs Note: THIS IS VERY PERMANENT, BE VERY CAREFUL
$ rm -rf $PRIVATE ~/.Private ~/.ecryptfs- Uninstall the utilities (this is specific to your Linux distribution)
$ sudo apt-get remove ecryptfs-utils libecryptfs0
Since $PRIVATE is actually /home/user (the directory protected by encryption, please check), the current home directory gets emptied and deleted because of one's own doing through rm -rf $PRIVATE
I noticed one fellow's interesting remark on line 5. Reportedly https://askubuntu.com/a/10049/446253 did not find deleting home necessary, which is a very interesting hint. Making back-ups of data is good in its own right, but it's no immaterial thing if you could remove encryption without manipulating your user home content!
I am not certainly asking to put your own data at risk in place of mine, but could more experienced people judge whether a step 5 like rm -rf ~/.Private ~/.ecryptfs would be sufficient instead?
This could help out people who struggle with full disks to be emptied and cannot resort to network file systems because of encryption, for example.
Sources
How to stop using built-in home directory encryption?
Can you unencrypt / remove encryption from a user home folder?
How to disable encrypted home directory?
I took courage and created an encrypted mock user, say unlockMe (owing no sudo rights). On the terminal I did the following:
$ ecryptfs-umount-private ## as per instructions no. 3$ chmod 700 . ## as per instructions no. 4; . is \home\unlockMe$ rm -rf ~/.Private ~/.ecryptfs ## unlike the instructions no. 5$ sudo ls /home/unlockMewhence I could see the unencrypted content. In contrast, in case of encrypted content, I would have rather seen the filesAccess-Your-Private-Data.desktopandREADME.txtAlso note that one does not need to uninstall the utilities (unlike instructions no. 6) -- obviously not, if other users keep on using encryption.
Tested with Ubuntu 14.04 LTS and package ecryptfs-utils version 104-0ubuntu1.14.04.4.
Out of this single experiment I would conclude that there is no need to move your data anywhere else to give up encryption.
One reserve that I still have is that these operations might not actually mean giving up encryption completely, rather making the folders visible, (breaking the outer shell, so to speak). The directory
/home/.encryptfs/unlockMestill seems to be storing a lot of information in encrypted form. So it might well be that there much more going under the surface, and I await expert answers here.Please feel free to comment, edit or post alternative answers.