eCryptfs

Restore .Private from backup

Asked by wolfv

I did a clean install to the latest version of Ubuntu. I have the .Private directory on backup media and it's passphrase.

What is the procedure for restoring .Private and ecryptfs?

I read man pages, https://help.ubuntu.com/community/EncryptedPrivateDirectory, and tried copy.

Thank you.

Question information

Language:
English Edit question
Status:
Answered
For:
eCryptfs Edit question
Assignee:
No assignee Edit question
Last query:
Last reply:

This question was reopened

Revision history for this message
Dustin Kirkland  (kirkland) said : 		#1

I should probably document this better, but I generally:

a) Login as root, and move the new, empty /home/kirkland to /home/kirkland.orig
b) mv or rsync -a the old /home/.ecryptfs to /home/.ecryptfs
c) and mv the old /home/kirkland (with the .ecryptfs and .Private) into place
d) make sure that ecryptfs-utils is installed on the system
e) test logging in via ssh or tty, and if that works then gdm

Revision history for this message
wolfv (wolf-volpi) said : 		#2

Dustin,

There were two .ecryptfs on my old system? I only backed up /home/wolf/.ecryptfs

b) /home/.ecryptfs
c) /home/wolf/.ecryptfs

Revision history for this message
Robbie Morrison (robbie-actrix) said : 		#3

On my system, my local .ecryptfs is a symlink:

$ ls -l /home/robbie/.ecryptfs
lrwxrwxrwx 1 robbie users 32 2010-06-08 00:48 .ecryptfs -> /home/.ecryptfs/robbie/.ecryptfs

Robbie Morrison, Berlin, Germany

Revision history for this message
Robbie Morrison (robbie-actrix) said : 		#4

Caution: be aware that the just website wrapped my answer, the symlink in question points to:

/home/.ecryptfs/robbie/.ecryptfs

Revision history for this message
wolfv (wolf-volpi) said : 		#5

Thanks for your help. Restoring .Private was actually straight forward. Here is how I did it:

Follow instructions from https://help.ubuntu.com/community/EncryptedPrivateDirectory#Setup%20Your%20Encrypted%20Private%20Directory
 Remove an Encrypted Private Directory Setup
 Setup Your Encrypted Private Directory (using old passphrase)

Test the new setup:
 wolf@copper:~$ pwd
 /home/wolf
 wolf@copper:~$ touch Private/test
 wolf@copper:~$ ls Private/
 test
 wolf@copper:~$ ecryptfs-umount-private
 wolf@copper:~$ ls -AF
 .ecryptfs/ Private/ .Private/
 wolf@copper:~$ ls Private/
 Access-Your-Private-Data.desktop README.txt

copy contents of media/USBflash/backup/home/wolf/.Private into /home/wolf/.Private

See if the old encrypted files are accessible:
 wolf@copper:~$ ecryptfs-mount-private
 Enter your login passphrase:
 Inserted auth tok with sig [9c02a743756c2d18] into the user session keyring
 wolf@copper:~$ ls Private/
 secret_tree_house_roster test
It worked!

Revision history for this message
Rebecca Yates (rebecca) said : 		#6

wolv, I had the same question (how I would restore from a backup following a catastrophe) and that's how I expected to do it.

Is it guaranteed that this will always work, even on a completely different system? Does ecryptfs require anything other than the .Private contents and the passphrase?

Revision history for this message
wolfv (wolf-volpi) said : 		#7

Rebecca,

Thats all I had, and it worked.

Revision history for this message
wolfv (wolf-volpi) said : 		#8

I am trying to restore .Private and ecryptfs files just like I did last year but something seems to have changed.

I did a clean install of Ubuntu 11.04. I have the .Private directory on backup and the passphrase. After I ecryptfs-setup-private, Logout, and Log back in, I got this message:

Update information
To encrypt your home directory or "Private" folder, a strong passphrase has been automatically generated. Usually your directory is unlocked with your user password, but if you ever need to manually recover this directory, you will need this passphrase. Please print or write it down and store it in a safe location.
If you click "Run this action now", enter your login password at the "Passphrase" prompt and you can display your randomly generated passphrase.
Otherwise, you will need to run "ecryptfs-unwrap-passphrase" from the command line to retrieve and record your generated passphrase.

I clicked the "Close" button because I wanted to use my old passphrase.

From terminal,
# ecryptfs-mount-private
ERROR: Encrypted private directory is not setup properly

When I click click Private/Access-Your-Private-Data.desktop, I got this message:

Untrusted application launcher
The application launcher "Access-Your-Private-Data.desktop" has not been marked as trusted. If you do not know the source of this file, launching it may be unsafe.

I deleted .Private and copied it back in from backup, but still get the same errors.
Please tell me how to restore .Private.

Thank you.

Revision history for this message
wolfv (wolf-volpi) said : 		#9

Please ignore my above post. I started a new thread on https://answers.launchpad.net/ecryptfs

Revision history for this message
Dustin Kirkland  (kirkland) said : 		#10

Please see ecryptfs-recover-private utility, manpage, and my blogpost on the
matter.

:-Dustin

(with apologies for brevity; sent from my phone)
On Jul 4, 2011 2:25 AM, "wolfv" <email address hidden>
wrote:
> Question #113624 on eCryptfs changed:
> https://answers.launchpad.net/ecryptfs/+question/113624
>
> wolfv gave more information on the question:
> Please ignore my above post. I started a new thread on
> https://answers.launchpad.net/ecryptfs
>
> --
> You received this question notification because you are an answer
> contact for eCryptfs.

Can you help with this problem?

Provide an answer of your own, or ask wolfv for more information if necessary.

To post a message you must log in.