Ubuntu – Can I disable full-disk encryption


I recently installed Ubuntu 12.10 and it requires a passphrase to boot up (I installed it with an encrypted file system).

Do I have to reinstall to change to a standard unencrypted file system?

Best Answer

  • If Ubuntu asks for an encryption passphrase during boot (i.e. on the text console before the login screen is displayed), this indicates that a full disk encryption method was used. (There's more than one way to do this, but I'll keep the answer general.) The encryption is handled by an extra software layer between the file system and the physical hard drive, not the file system itself.

    There is no simple method or tool to undo this. With some knowledge about how Linux systems work, it can be done. You'd have to move the whole file system (or all files) to another partition (with enough free space) or external HDD. Then, remove the encrypted container, and recreate the file system without encryption. Finally, make sure that the new file system is properly recognized by the boot loader and mount -a before rebooting.

    If possible, it's best to avoid this time consuming and error-prone procedure. Just do a fresh install. For a new users, this is the quickest and safest option.

    PS: Chances are that you can change the encryption passphrase, possibly to an empty string. Then decrypting only requires to press Enter. Maybe you can go further and supress to (now useless) passphrase prompt. However, this does not disable the encryption. The data would still be encrypted although the encryption would be useless since the key can be trivially guessed.