Results 1 to 3 of 3

Thread: 22.04: decrypt user home encrypted with 20.04

  1. #1
    Join Date
    May 2007
    Ubuntu 22.04 Jammy Jellyfish

    Question 22.04: decrypt user home encrypted with 20.04

    The computer has a single volume with two partitions, one with the system (/) and another with the /home folder. The user folder in /home was encrypted with Ubuntu 20.04 (i.e. ecryptfs).

    This morning I re-installed the system with the new Ubuntu 22.04 ISO. I formatted the system partition and let the /home partition be. I provided the same user name and password, which in previous Ubuntu editions would automatically decrypt the user home folder.

    But now when I log on Ubuntu 22.04 is not decrypting the user home folder. Most applications fail to start as they are not able to write in the user home.

    I have both the log-in password and the passphrase necessary to decrypt the home folder. Therefore I tried to decrypt it manually, but ecryptfs-recover-private returns an error (see below).

    How can I mount the user home folder encrypted by Ubuntu 20.04?

    $ sudo ecryptfs-recover-private /home/lads/.Private
    INFO: Found [/home/duque004/.Private].
    Try to recover this directory? [Y/n]: Y
    INFO: Found your wrapped-passphrase
    Do you know your LOGIN passphrase? [Y/n] Y
    INFO: Enter your LOGIN passphrase...
    Inserted auth tok with sig [3c9323dd0ed2026f] into the user session keyring
    mount: /tmp/ecryptfs.6IGtBsCb: mount(2) system call failed: No such file or directory.
    ERROR: Failed to mount private data at [/tmp/ecryptfs.6IGtBsCb].

  2. #2
    Join Date
    Mar 2010

    Re: 22.04: decrypt user home encrypted with 20.04
    The gist of that report is
    • encryptfs was deprecated. This was mentioned in the 18.04 release notes.
      The installer no longer offers the encrypted home option using ecryptfs-utils. It is recommended to use full-disk encryption instead for this release. (1756840)
    • Upgrades for systems with it have not been smooth.
    • Always have excellent backups if you use any encryption.
    • LUKS/dm-crypt is the preferred method, though other methods might be possible. Don't expect them to be supported.

  3. #3
    Join Date
    Mar 2010
    Ubuntu Development Release

    Re: 22.04: decrypt user home encrypted with 20.04

    Also note that between Ubuntu 18.04, 20.04 and 22.04, with LUKS, there was a shift from LUKS 1 to LUKS 2. There are some subtle differences in the versions, and their support from Grub2 for those versions. I have test machines on all those, as well as LVM and ZFS volume encryption's.

    Ubuntu 20.04 was 'complicated' in that regard, as to do some things, I had a combination of both LUKS versions 1.0 and 2.0, because it was in that transition period between the two versions, and with what capabilities were supported by what. (The current version of Grub2 (that comes with 22.04) now supports booting from LUKS 2, whereas previous supported booting from LUKS 1.)

    I'm thinking that the easiest solution for a machine, and circumvent user interactions for the encryption passphrase (where human error occurs) is to to set it up with a USB Key keyfile or a Security Card Reader. But then, again, physical security of those things, is where people fail.

    "Concurrent coexistence of Windows, Linux and UNIX..." || Ubuntu user # 33563, Linux user # 533637
    Sticky: Graphics Resolution | UbuntuForums 'system-info' Script | Posting Guidelines | Code Tags

Tags for this Thread


Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts