Page 2 of 3 FirstFirst 123 LastLast
Results 11 to 20 of 21

Thread: Recover encrypted home partition. In trouble if lost

  1. #11
    Join Date
    Sep 2010
    Beans
    7

    Re: Recover encrypted home partition. In trouble if lost

    Hi KIAaze,

    Running in to problems.

    bash: cd: /media/e81ca359-a0ee-4357-9748-972b95db85a7/: No such file or directory
    ubuntu@ubuntu:~$ cd /media/276bb0d7-095a-4d6c-ad20-75a292b46823/
    ubuntu@ubuntu:/media/276bb0d7-095a-4d6c-ad20-75a292b46823$
    ubuntu@ubuntu:/media/276bb0d7-095a-4d6c-ad20-75a292b46823$ cd len/
    bash: cd: len/: Permission denied
    ubuntu@ubuntu:/media/276bb0d7-095a-4d6c-ad20-75a292b46823$ sudo su
    root@ubuntu:/media/276bb0d7-095a-4d6c-ad20-75a292b46823# cd len/
    root@ubuntu:/media/276bb0d7-095a-4d6c-ad20-75a292b46823/len# .Private/
    bash: .Private/: No such file or directory
    root@ubuntu:/media/276bb0d7-095a-4d6c-ad20-75a292b46823/len# ls .Private/
    ls: cannot access .Private/: No such file or directory
    root@ubuntu:/media/276bb0d7-095a-4d6c-ad20-75a292b46823/len# cd .ecryptfs/len/.private/
    bash: cd: .ecryptfs/len/.private/: No such file or directory
    root@ubuntu:/media/276bb0d7-095a-4d6c-ad20-75a292b46823/len#

    Is this because of the structure of the files in the home partition?
    Please see this-
    http://ubuntuforums.org/attachment.p...1&d=1285339340

    "118 GB Filesystem" is the /home partition that is encrypted

    Thanks again
    Attached Images Attached Images

  2. #12
    Join Date
    Feb 2007
    Location
    perdita
    Beans
    1,625
    Distro
    Ubuntu

    Re: Recover encrypted home partition. In trouble if lost

    Ok, I'm assuming "/media/276bb0d7-095a-4d6c-ad20-75a292b46823/" is the 118 GB partition. (You can verify this by pressing "ctrl+L" in nautilus I think. Or some method to show the filepath instead of the "breadcrumb system".)

    Try (in a new terminal, to keep things clean):
    Code:
    sudo -i
    cd /media/276bb0d7-095a-4d6c-ad20-75a292b46823/.ecryptfs/len/
    ls -A /media/276bb0d7-095a-4d6c-ad20-75a292b46823/.ecryptfs/len/.Private
    ls -A /media/276bb0d7-095a-4d6c-ad20-75a292b46823/.ecryptfs/len/.ecryptfs
    ls /media/276bb0d7-095a-4d6c-ad20-75a292b46823/.ecryptfs/len/.ecryptfs/wrapped-passphrase
    If those commands work, you should be able to proceed with:
    1) Get the passphrase (unless you already have it)
    Code:
    ecryptfs-unwrap-passphrase /media/276bb0d7-095a-4d6c-ad20-75a292b46823/.ecryptfs/len/.ecryptfs/wrapped-passphrase
    It will ask for the login password of "len" and give you the passphrase.
    Then:

    2) Get the filename encryption key (if you have encrypted filenames)
    Code:
    ecryptfs-add-passphrase --fnek
    It will ask from the passphrase you got from the previous command and give you 2 keys. Note the 2nd key, which is the filename encryption key.

    3) Mount the encrypted directory
    Now you can mount the encrypted home dir on /mnt/Private:
    Code:
    mkdir /mnt/Private
    mount -t ecryptfs /media/276bb0d7-095a-4d6c-ad20-75a292b46823/.ecryptfs/len/.Private/ /mnt/Private
    It will request the passphrase first and then the filename encryption key you got from "ecryptfs-add-passphrase".
    All options can be left on default (just press enter), except "filename encryption", the "filename encryption key", the mount confirmation and the warning disabling question.

    Example:
    Code:
    Select cipher: 
     1) aes: blocksize = 16; min keysize = 16; max keysize = 32 (not loaded)
     2) blowfish: blocksize = 16; min keysize = 16; max keysize = 56 (not loaded)
     3) des3_ede: blocksize = 8; min keysize = 24; max keysize = 24 (not loaded)
     4) twofish: blocksize = 16; min keysize = 16; max keysize = 32 (not loaded)
     5) cast6: blocksize = 16; min keysize = 16; max keysize = 32 (not loaded)
     6) cast5: blocksize = 8; min keysize = 5; max keysize = 16 (not loaded)
    Selection [aes]: 
    Select key bytes: 
     1) 16
     2) 32
     3) 24
    Selection [16]: 
    Enable plaintext passthrough (y/n) [n]: 
    Enable filename encryption (y/n) [n]: y
    Filename Encryption Key (FNEK) Signature [d1f18e68e1a7719d]: 8378660ef042249e
    Attempting to mount with the following options:
      ecryptfs_unlink_sigs
      ecryptfs_fnek_sig=8378660ef042249e
      ecryptfs_key_bytes=16
      ecryptfs_cipher=aes
      ecryptfs_sig=d1f18e68e1a7719d
    WARNING: Based on the contents of [/root/.ecryptfs/sig-cache.txt],
    it looks like you have never mounted with this key 
    before. This could mean that you have typed your 
    passphrase wrong.
    
    Would you like to proceed with the mount (yes/no)? : yes
    Would you like to append sig [d1f18e68e1a7719d] to
    [/root/.ecryptfs/sig-cache.txt] 
    in order to avoid this warning in the future (yes/no)? : no
    Not adding sig to user sig cache file; continuing with mount.
    Mounted eCryptfs
    Note: If you have not encrypted the filenames (but that's default since Ubuntu 9.04), you don't need step 2 apparently and can answer "no" to the filename encryption question.
    Last edited by KIAaze; September 24th, 2010 at 04:35 PM.

  3. #13
    Join Date
    Feb 2007
    Location
    perdita
    Beans
    1,625
    Distro
    Ubuntu

    Re: Recover encrypted home partition. In trouble if lost

    accidental duplicate post
    Last edited by KIAaze; September 24th, 2010 at 04:14 PM.

  4. #14
    Join Date
    Sep 2010
    Beans
    7

    Re: Recover encrypted home partition. In trouble if lost

    Hi KIAaze,

    I got a few lines from the end of your super clear instructions, almost jumping for joy, any idea what went wrong?

    I have highlighted in red where I think things went bad, but really no notion.


    ubuntu@ubuntu:/media/276bb0d7-095a-4d6c-ad20-75a292b46823$ sudo su
    root@ubuntu:/media/276bb0d7-095a-4d6c-ad20-75a292b46823# -A
    -A: command not found
    root@ubuntu:/media/276bb0d7-095a-4d6c-ad20-75a292b46823# cd len/
    root@ubuntu:/media/276bb0d7-095a-4d6c-ad20-75a292b46823/len# -A
    -A: command not found
    root@ubuntu:/media/276bb0d7-095a-4d6c-ad20-75a292b46823/len# ls
    Access-Your-Private-Data.desktop README.txt
    root@ubuntu:/media/276bb0d7-095a-4d6c-ad20-75a292b46823/len# ls -A
    Access-Your-Private-Data.desktop .cache .ecryptfs .Private README.txt
    root@ubuntu:/media/276bb0d7-095a-4d6c-ad20-75a292b46823/len# ll .ecryptfs
    lrwxrwxrwx 1 1000 1000 29 2010-09-14 21:56 .ecryptfs -> /home/.ecryptfs/len/.ecryptfs
    root@ubuntu:/media/276bb0d7-095a-4d6c-ad20-75a292b46823/len# cd ..
    root@ubuntu:/media/276bb0d7-095a-4d6c-ad20-75a292b46823# ls -A
    .ecryptfs len lost+found
    root@ubuntu:/media/276bb0d7-095a-4d6c-ad20-75a292b46823# .ecryptfs/len/.ecrypts/bash: .ecryptfs/len/.ecrypts/: No such file or directory
    root@ubuntu:/media/276bb0d7-095a-4d6c-ad20-75a292b46823# .ecryptfs/len/.ecrypts/.ecryptfs/len/.ecryptfs/wrapped-passphrase
    bash: .ecryptfs/len/.ecrypts/.ecryptfs/len/.ecryptfs/wrapped-passphrase: No such file or directory
    root@ubuntu:/media/276bb0d7-095a-4d6c-ad20-75a292b46823# ls .ecryptfs/jamesbond/.ecryptfs/wrapped-passphrase
    ls: cannot access .ecryptfs/jamesbond/.ecryptfs/wrapped-passphrase: No such file or directory
    root@ubuntu:/media/276bb0d7-095a-4d6c-ad20-75a292b46823# ls .ecryptfs/len/.ecryptfs/wrapped-passphrase
    .ecryptfs/len/.ecryptfs/wrapped-passphrase
    root@ubuntu:/media/276bb0d7-095a-4d6c-ad20-75a292b46823# ecryptfs-unwrap-passphrase .ecryptfs/len/.ecryptfs/wrapped-passphrase
    Passphrase:
    4b5181e43399feb68abb945fe3a4baee
    root@ubuntu:/media/276bb0d7-095a-4d6c-ad20-75a292b46823# ecryptfs-add-passphrase --fnek
    Passphrase:
    Inserted auth tok with sig [20b203e10c7d07b7] into the user session keyring
    Inserted auth tok with sig [cfd18f21d6828f63] into the user session keyring
    root@ubuntu:/media/276bb0d7-095a-4d6c-ad20-75a292b46823# ls .ecryptfs/len/.Private/
    ECRYPTFS_FNEK_ENCRYPTED.FWZ16Jew45yud-R.xg3Itpbw-59C4zfPuAZP1pr3gE4rV.oblJsfpKG-WE--
    ECRYPTFS_FNEK_ENCRYPTED.FWZ16Jew45yud-R.xg3Itpbw-59C4zfPuAZP3fpNh7TAnV9E5j3s646PLE--
    ECRYPTFS_FNEK_ENCRYPTED.FWZ16Jew45yud-R.xg3Itpbw-59C4zfPuAZP4Hy1AMJsIHF3iOU4QIHyvk--
    ECRYPTFS_FNEK_ENCRYPTED.FWZ16Jew45yud-R.xg3Itpbw-59C4zfPuAZP4wHBxQAmSyGGUfF-dlQ2JU--
    ECRYPTFS_FNEK_ENCRYPTED.FWZ16Jew45yud-R.xg3Itpbw-59C4zfPuAZP5qgoV6qPy-6389tQV7xXzk--
    ECRYPTFS_FNEK_ENCRYPTED.FWZ16Jew45yud-R.xg3Itpbw-59C4zfPuAZP6jUXS75YfA9vTTalRhZrAE--
    ECRYPTFS_FNEK_ENCRYPTED.FWZ16Jew45yud-R.xg3Itpbw-59C4zfPuAZP6.kk6PNOuPXdvd5MDiBssE--
    ECRYPTFS_FNEK_ENCRYPTED.FWZ16Jew45yud-R.xg3Itpbw-59C4zfPuAZP7wr00zMQnOZy9IdaXYhuh---
    ECRYPTFS_FNEK_ENCRYPTED.FWZ16Jew45yud-R.xg3Itpbw-59C4zfPuAZP9WzHxBrGMjASXAeqeVvkmk--
    ECRYPTFS_FNEK_ENCRYPTED.FWZ16Jew45yud-R.xg3Itpbw-59C4zfPuAZPa2AqGq7C.1OLoZc9E5WyLE--
    ECRYPTFS_FNEK_ENCRYPTED.FWZ16Jew45yud-R.xg3Itpbw-59C4zfPuAZPADL2ml5IfjVkTUefSUJD1U--
    ECRYPTFS_FNEK_ENCRYPTED.FWZ16Jew45yud-R.xg3Itpbw-59C4zfPuAZPAUjaiog50oPvyaicEI6u.---
    ECRYPTFS_FNEK_ENCRYPTED.FWZ16Jew45yud-R.xg3Itpbw-59C4zfPuAZPc4jPFZ6TGus6dM0wNLyEN---
    ECRYPTFS_FNEK_ENCRYPTED.FWZ16Jew45yud-R.xg3Itpbw-59C4zfPuAZPCf8l15XqUjHK1JKBxFXDfk--
    ECRYPTFS_FNEK_ENCRYPTED.FWZ16Jew45yud-R.xg3Itpbw-59C4zfPuAZPcfpdZHYsElQN.S2EX0ZJ1---
    ECRYPTFS_FNEK_ENCRYPTED.FWZ16Jew45yud-R.xg3Itpbw-59C4zfPuAZPCOQYNYjQs2kd4sRIV9OYEE--
    ECRYPTFS_FNEK_ENCRYPTED.FWZ16Jew45yud-R.xg3Itpbw-59C4zfPuAZPcXN9.622ywQ03mRvt.nnPE--
    ECRYPTFS_FNEK_ENCRYPTED.FWZ16Jew45yud-R.xg3Itpbw-59C4zfPuAZPDv8Vqt0Qg-S2YwxqjorIsE--
    ECRYPTFS_FNEK_ENCRYPTED.FWZ16Jew45yud-R.xg3Itpbw-59C4zfPuAZPEFkdQtklgKj-xb0Qk9wUGU--
    ECRYPTFS_FNEK_ENCRYPTED.FWZ16Jew45yud-R.xg3Itpbw-59C4zfPuAZPF3NQnuXhSOT5iN-oakNdrE--
    ECRYPTFS_FNEK_ENCRYPTED.FWZ16Jew45yud-R.xg3Itpbw-59C4zfPuAZPFABBZufhLRgzkwyMQvnu3U--
    ECRYPTFS_FNEK_ENCRYPTED.FWZ16Jew45yud-R.xg3Itpbw-59C4zfPuAZPG1hefLyE5otT-0zkPWFkkU--
    ECRYPTFS_FNEK_ENCRYPTED.FWZ16Jew45yud-R.xg3Itpbw-59C4zfPuAZPgIJ5hFU7i-UJNLK8k2y55E--
    ECRYPTFS_FNEK_ENCRYPTED.FWZ16Jew45yud-R.xg3Itpbw-59C4zfPuAZPhFZJo5IbPwF5n0qVfhiLR---
    ECRYPTFS_FNEK_ENCRYPTED.FWZ16Jew45yud-R.xg3Itpbw-59C4zfPuAZPhKpJafenB4OE7xwtDw9Iak--
    ECRYPTFS_FNEK_ENCRYPTED.FWZ16Jew45yud-R.xg3Itpbw-59C4zfPuAZPif-4CcC3ROkd0.3YTZoHZk--
    ECRYPTFS_FNEK_ENCRYPTED.FWZ16Jew45yud-R.xg3Itpbw-59C4zfPuAZPIjAArFbnrZwtpZ1Y4BqeRE--
    ECRYPTFS_FNEK_ENCRYPTED.FWZ16Jew45yud-R.xg3Itpbw-59C4zfPuAZPis4PC8gKrzGGLd.SbmZyHE--
    ECRYPTFS_FNEK_ENCRYPTED.FWZ16Jew45yud-R.xg3Itpbw-59C4zfPuAZPjPmJtrtNbhnAoLsA8TCOO---
    ECRYPTFS_FNEK_ENCRYPTED.FWZ16Jew45yud-R.xg3Itpbw-59C4zfPuAZPKF5l650jmiFfD99W0QLdaE--
    ECRYPTFS_FNEK_ENCRYPTED.FWZ16Jew45yud-R.xg3Itpbw-59C4zfPuAZPkH2zDAEiswiLPfzp51e8T---
    ECRYPTFS_FNEK_ENCRYPTED.FWZ16Jew45yud-R.xg3Itpbw-59C4zfPuAZPL9uveK0jreB4rx.sLH1cbk--
    ECRYPTFS_FNEK_ENCRYPTED.FWZ16Jew45yud-R.xg3Itpbw-59C4zfPuAZPlEql3lgB.-qsgRkQWhkc2U--
    ECRYPTFS_FNEK_ENCRYPTED.FWZ16Jew45yud-R.xg3Itpbw-59C4zfPuAZPM-cvyrIWEtVUI79B6eRNvk--
    ECRYPTFS_FNEK_ENCRYPTED.FWZ16Jew45yud-R.xg3Itpbw-59C4zfPuAZPMGfyjmZ3FI3AYtY2VSqbEU--
    ECRYPTFS_FNEK_ENCRYPTED.FWZ16Jew45yud-R.xg3Itpbw-59C4zfPuAZPmiqkz-TPhsXM3aa5M3wN7E--
    ECRYPTFS_FNEK_ENCRYPTED.FWZ16Jew45yud-R.xg3Itpbw-59C4zfPuAZPMzcjn3bTXC3NV0UoGDOdg---
    ECRYPTFS_FNEK_ENCRYPTED.FWZ16Jew45yud-R.xg3Itpbw-59C4zfPuAZPNbQVKomef2ZQ766R6h3Nlk--
    ECRYPTFS_FNEK_ENCRYPTED.FWZ16Jew45yud-R.xg3Itpbw-59C4zfPuAZPOFW8tVywWLzYMo146uInHk--
    ECRYPTFS_FNEK_ENCRYPTED.FWZ16Jew45yud-R.xg3Itpbw-59C4zfPuAZPoMclsAAa2ugYa7okskrsK---
    ECRYPTFS_FNEK_ENCRYPTED.FWZ16Jew45yud-R.xg3Itpbw-59C4zfPuAZPoVqB-5-TVMg9EUL0qCtam---
    ECRYPTFS_FNEK_ENCRYPTED.FWZ16Jew45yud-R.xg3Itpbw-59C4zfPuAZPq97XpsmJo-HhuC8xVWRA1k--
    ECRYPTFS_FNEK_ENCRYPTED.FWZ16Jew45yud-R.xg3Itpbw-59C4zfPuAZP.qody5m-NCPJqF4cZg3oyU--
    ECRYPTFS_FNEK_ENCRYPTED.FWZ16Jew45yud-R.xg3Itpbw-59C4zfPuAZPQwXJqbEtCKKyCm6ayValsU--
    ECRYPTFS_FNEK_ENCRYPTED.FWZ16Jew45yud-R.xg3Itpbw-59C4zfPuAZPQYV85NVi9MKSXmi2zJ7a2U--
    ECRYPTFS_FNEK_ENCRYPTED.FWZ16Jew45yud-R.xg3Itpbw-59C4zfPuAZPRJzpaXCyYc24zSuRb4sATE--
    ECRYPTFS_FNEK_ENCRYPTED.FWZ16Jew45yud-R.xg3Itpbw-59C4zfPuAZPrNQp31TUAOOhZyFRttVwkU--
    ECRYPTFS_FNEK_ENCRYPTED.FWZ16Jew45yud-R.xg3Itpbw-59C4zfPuAZPtSwbcwejZ5lE8nYCUTr4ZE--
    ECRYPTFS_FNEK_ENCRYPTED.FWZ16Jew45yud-R.xg3Itpbw-59C4zfPuAZPTX2uZV0dBUUOOPmJ0g5z4---
    ECRYPTFS_FNEK_ENCRYPTED.FWZ16Jew45yud-R.xg3Itpbw-59C4zfPuAZPUte0bxuZsa07fPQteM3Xp---
    ECRYPTFS_FNEK_ENCRYPTED.FWZ16Jew45yud-R.xg3Itpbw-59C4zfPuAZPV2hfKUffmn.OtGJ9HBcREE--
    ECRYPTFS_FNEK_ENCRYPTED.FWZ16Jew45yud-R.xg3Itpbw-59C4zfPuAZPvG5IcdgMXs4a0JZjUiauZU--
    ECRYPTFS_FNEK_ENCRYPTED.FWZ16Jew45yud-R.xg3Itpbw-59C4zfPuAZPVW8MpFth5aXSbGtwBhixDk--
    ECRYPTFS_FNEK_ENCRYPTED.FWZ16Jew45yud-R.xg3Itpbw-59C4zfPuAZPwjbf7VWkKRcfAvX09QXwaE--
    ECRYPTFS_FNEK_ENCRYPTED.FWZ16Jew45yud-R.xg3Itpbw-59C4zfPuAZPx8qzjUVZTkhkVlDg3I6b8E--
    ECRYPTFS_FNEK_ENCRYPTED.FWZ16Jew45yud-R.xg3Itpbw-59C4zfPuAZPy456fM5I01vcZIuaLvLat---
    ECRYPTFS_FNEK_ENCRYPTED.FWZ16Jew45yud-R.xg3Itpbw-59C4zfPuAZPZqUDEXHpRqutcLzyZ0fMJU--
    ECRYPTFS_FNEK_ENCRYPTED.FXZ16Jew45yud-R.xg3Itpbw-59C4zfPuAZP6sqa1BYHM1rHB.q24NeDXUgTiFnIDRZZ327S9DW NzhA-
    ECRYPTFS_FNEK_ENCRYPTED.FXZ16Jew45yud-R.xg3Itpbw-59C4zfPuAZPs7VYJZDt9ln2-ZxxpL6AlpubwyWeNThmRlgSUv6dZ9I-
    ECRYPTFS_FNEK_ENCRYPTED.FXZ16Jew45yud-R.xg3Itpbw-59C4zfPuAZPvjMBdYRBLXRU-cfJTINiQIxsQ0cR4-G6T3LxPw.gtWY-
    ECRYPTFS_FNEK_ENCRYPTED.FXZ16Jew45yud-R.xg3Itpbw-59C4zfPuAZPzKPB5.TVn4bCtXWNweGo4EtsMPqt-WAQ0Loq.l1q1r--
    ECRYPTFS_FNEK_ENCRYPTED.FXZ16Jew45yud-R.xg3Itpbw-59C4zfPuAZPzKPB5.TVn4bCtXWNweGo4M-U0mgg0.nV--kVTJv1NjA-
    ECRYPTFS_FNEK_ENCRYPTED.FXZ16Jew45yud-R.xg3Itpbw-59C4zfPuAZPzKPB5.TVn4bCtXWNweGo4PQdiljBF.JVYm3bjSz y5mc-
    ECRYPTFS_FNEK_ENCRYPTED.FXZ16Jew45yud-R.xg3Itpbw-59C4zfPuAZPzKPB5.TVn4bCtXWNweGo4QN62pUHjCXlitnfhFu 2htk-
    ECRYPTFS_FNEK_ENCRYPTED.FXZ16Jew45yud-R.xg3Itpbw-59C4zfPuAZPZRDHXJBwKNIPEgHMjFjDnRI3dI7z0K0V3594HTk elsA-
    root@ubuntu:/media/276bb0d7-095a-4d6c-ad20-75a292b46823# mkdir /mnt/Private
    root@ubuntu:/media/276bb0d7-095a-4d6c-ad20-75a292b46823# mount -t ecryptfs .ecryptfs/len/.Private/ /mnt/Private
    Passphrase:
    Select cipher:
    1) aes: blocksize = 16; min keysize = 16; max keysize = 32 (not loaded)
    2) blowfish: blocksize = 16; min keysize = 16; max keysize = 56 (not loaded)
    3) des3_ede: blocksize = 8; min keysize = 24; max keysize = 24 (not loaded)
    4) twofish: blocksize = 16; min keysize = 16; max keysize = 32 (not loaded)
    5) cast6: blocksize = 16; min keysize = 16; max keysize = 32 (not loaded)
    6) cast5: blocksize = 8; min keysize = 5; max keysize = 16 (not loaded)
    Selection [aes]:
    Select key bytes:
    1) 16
    2) 32
    3) 24
    Selection [16]:
    Enable plaintext passthrough (y/n) [n]:
    Enable filename encryption (y/n) [n]: y
    Filename Encryption Key (FNEK) Signature [20b203e10c7d07b7]:
    Attempting to mount with the following options:
    ecryptfs_unlink_sigs
    ecryptfs_fnek_sig=20b203e10c7d07b7
    ecryptfs_key_bytes=16
    ecryptfs_cipher=aes
    ecryptfs_sig=20b203e10c7d07b7
    WARNING: Based on the contents of [/root/.ecryptfs/sig-cache.txt],
    it looks like you have never mounted with this key
    before. This could mean that you have typed your
    passphrase wrong.

    Would you like to proceed with the mount (yes/no)? : y
    Would you like to proceed with the mount (yes/no)? : y
    Would you like to proceed with the mount (yes/no)? : y
    Would you like to proceed with the mount (yes/no)? : y
    Would you like to proceed with the mount (yes/no)? : y
    Aborting mount.
    root@ubuntu:/media/276bb0d7-095a-4d6c-ad20-75a292b46823#

    Many many thanks again

  5. #15
    Join Date
    Feb 2007
    Location
    perdita
    Beans
    1,625
    Distro
    Ubuntu

    Re: Recover encrypted home partition. In trouble if lost

    You forgot to enter the filename encryption key ("cfd18f21d6828f63" in your case) and used "y" instead of "yes" to answer the last question.

    Tip: You can select the passphrase and filename encryption key by double-clicking on them and paste them using the middle-button of the mouse.
    This avoids errors. The pasting will not be visible (just like when you type it by hand, at least for password-like things), but it will work.
    (standard copy/paste using the context menus works too)

    Here's what you should have entered:
    Code:
    root@ubuntu:/media/276bb0d7-095a-4d6c-ad20-75a292b46823# mount -t ecryptfs .ecryptfs/len/.Private/ /mnt/Private
    Passphrase: 4b5181e43399feb68abb945fe3a4baee
    Select cipher: 
    1) aes: blocksize = 16; min keysize = 16; max keysize = 32 (not loaded)
    2) blowfish: blocksize = 16; min keysize = 16; max keysize = 56 (not loaded)
    3) des3_ede: blocksize = 8; min keysize = 24; max keysize = 24 (not loaded)
    4) twofish: blocksize = 16; min keysize = 16; max keysize = 32 (not loaded)
    5) cast6: blocksize = 16; min keysize = 16; max keysize = 32 (not loaded)
    6) cast5: blocksize = 8; min keysize = 5; max keysize = 16 (not loaded)
    Selection [aes]: 
    Select key bytes: 
    1) 16
    2) 32
    3) 24
    Selection [16]: 
    Enable plaintext passthrough (y/n) [n]: 
    Enable filename encryption (y/n) [n]: y
    Filename Encryption Key (FNEK) Signature [20b203e10c7d07b7]: cfd18f21d6828f63
    Attempting to mount with the following options:
    ecryptfs_unlink_sigs
    ecryptfs_fnek_sig=20b203e10c7d07b7
    ecryptfs_key_bytes=16
    ecryptfs_cipher=aes
    ecryptfs_sig=20b203e10c7d07b7
    WARNING: Based on the contents of [/root/.ecryptfs/sig-cache.txt],
    it looks like you have never mounted with this key 
    before. This could mean that you have typed your 
    passphrase wrong.
    
    Would you like to proceed with the mount (yes/no)? : yes
    Would you like to append sig [20b203e10c7d07b7] to
    [/root/.ecryptfs/sig-cache.txt] 
    in order to avoid this warning in the future (yes/no)? : no
    P.S.: I improved my previous post in case you still have problems.

    P.P.S.: Since you posted your passphrase here in clear text, you should probably change it once everything is OK again. I don't know about the filename encryption key. (I currently have no idea how to do this.)

    For backing up or copying the data you can use the "cp" command.
    ex:
    Code:
    cp -r /mnt/Private/* SAFE_LOCATION
    Alternatively you can launch a file browser with root permissions using:
    Code:
    gksudo nautilus
    or, if you are still as root in the terminal:
    Code:
    nautilus
    Last edited by KIAaze; September 24th, 2010 at 04:59 PM.

  6. #16
    Join Date
    Sep 2010
    Beans
    7

    Re: Recover encrypted home partition. In trouble if lost

    Mr KIAaze,

    You are truely a superstar.

    I am now your biggest fan and intend to hunt you down and follow you where ever you may go.

    No really man, I am so grateful for your help, copying everything over to an ext drive as i type now.

    Problem well and truly SOLVED.

    Many many thanks to you.

    oj

  7. #17
    Join Date
    Feb 2007
    Location
    perdita
    Beans
    1,625
    Distro
    Ubuntu

    Re: Recover encrypted home partition. In trouble if lost

    Glad it worked. And I also learned a few things from it.

    Please mark the thread as "solved" ("Thread tools"->"Mark this thread as solved").

    A few tips for the future:

    -Make external unencrypted backups of such important data, so you don't loose your job.
    (Unless the data is national security stuff or so, it's probably reasonably safe on an external HD or USB stick at home or at work. Put it in a safe if necessary.)

    -Make sure you never loose your passphrase (which is actually more important than the login password to decrypt it). If you hadn't had it this time, you would probably have been unable to recover the data!
    The login password only serves to "unwrap" the wrapped passphrase. Changing the login password does not change the password necessary for unwrapping!
    You can get your passphrase with this command:
    Code:
    # encrypted home directory
    ecryptfs-unwrap-passphrase /home/.ecryptfs/username/.ecryptfs/wrapped-passphrase
    # encrypted Private directory
    ecryptfs-unwrap-passphrase ~/.ecryptfs/wrapped-passphrase
    To change your passphrase, see "Change your passphrase to mount your encrypted private directory or home" on this page:
    http://bodhizazen.net/Tutorials/Ecryptfs/

    -You can encrypt only what's necessary instead of the whole home directory by creating a private encrypted directory:
    https://help.ubuntu.com/community/En...ivateDirectory

    P.S.: I'm still under the Live session actually. I think I never used it for so long before. ^^

  8. #18
    Join Date
    Apr 2006
    Beans
    8
    Distro
    Ubuntu 6.10 Edgy

    Re: Recover encrypted home partition. In trouble if lost

    I'm having much the same problem, with a small difference. My /home partition has been set up on a separate mount. I don't ever recall encrypting /home - but it seems that when upgrading / to 10.10 it's become encrypted. It's very possible I encrypted the last time I did a new install, probably at 9.04.

    I've gone through this section with every possible key phrase I can imagine that I could have used.

    There is no way (that I can tell) to recover what it thinks the pass phrase was as .encryptfs is a link .ecryptfs -> /var/lib/ecryptfs/<user> which would no longer exist.

    Am I borked or is there another way?

  9. #19
    Join Date
    Feb 2007
    Location
    perdita
    Beans
    1,625
    Distro
    Ubuntu

    Re: Recover encrypted home partition. In trouble if lost

    Looks bad.
    If you didn't store the passphrase (wrapped or not) elsewhere and your home partition is really encrypted, I don't see how it's recoverable. (You can try to undelete the wrapped-passphrase file, but it will probably not work...)

    Are you sure your home partition got encrypted? Is it clearly encrypted when you mount it from a Live-CD?
    I find it strange that it would become encrypted by itself. Encryption is not part of a default installation I believe.
    It's more likely you did it by yourself when installing 9.04 as you suggested.

    "/var/lib/ecryptfs/" indeed seems to have been used for storing the wrapped passphrase in Ubuntu 9.04:
    http://dustinkirkland.wordpress.com/...arlibecryptfs/
    (I'm no expert, but this Dustin Kirkland looks like the guy to ask if you want to be sure.)

  10. #20
    Join Date
    Jan 2006
    Location
    UK
    Beans
    5
    Distro
    Ubuntu 10.10 Maverick Meerkat

    Re: Recover encrypted home partition. In trouble if lost

    I want to thank KIAaze for his solution, it saved me a lot of trouble.

    I had a file a desperately needed locked in an encrypted home folder and Ubuntu had broken with the "gconfig-sanity-check2 status 256" problem.

    At least now I can reinstall Ubuntu, but I think I will backup before ANY updates!

    Thanks again, it's people like you KIAaze that make Linux so great.

Page 2 of 3 FirstFirst 123 LastLast

Tags for this Thread

Bookmarks

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •