eCryptfs

Recover Ecryptfs Folder

Asked by Elliot Hassan

Hi!

So I had to do a clean install of Ubuntu 10.04 and I had my /home directory on another 77gb partition and it was encrypted.

I reinstalled Ubuntu 10.04 and made a new seperate 180gb partition as my /home and it is not encrypted. I don't have that really long pass phrase for my 77gb partition but I still remember my password and everything. Is there a way to somehow type in my password and decrypt my 77gb partition ? I'm not super knowledgeable when it comes to Ubuntu but I do know how to use a terminal.

Question information

Language:
English Edit question
Status:
Solved
For:
eCryptfs Edit question
Assignee:
No assignee Edit question
Solved by:
Elliot Hassan
Solved:
Last query:
Last reply:
Revision history for this message
Elliot Hassan (ehassan25) said : 		#1

Okay so I was able through the tutorial here: https://help.ubuntu.com/community/EncryptedPrivateDirectory#Not%20covered%20in%20this%20tutorial
Able to obtain my encrypted mount password.

What the tutorial does not explain is that in order to run the command
you have to navigate to your encrypted partition where the
wrapped-passphrase file is located in the terminal.

Now I just have to figure out how to mount the partition and retrieve my data!

Revision history for this message
Elliot Hassan (ehassan25) said : 		#2

So now I am stuck at the part where I mount the drive.
my old encrypted home is located at /media/6dd6840c-ba86-492c-9c42-bbfb86337250
$ls -l
kakashi lost+found

I have my mount passphrase, and the second half to my fnek sig
how would I correctly enter the syntax to mount my drive so I can view my files ?

Revision history for this message
Serge Hallyn (serge-hallyn) said : 		#3

Assuming the original install was also 10.04, then the encrypted directory
should be under kakashi/.Private. Take a peek with

 ls -laF /media/6dd6840c-ba86-492c-9c42-bbfb86337250/kakashi

which should show you both your .ecryptfs and .Private directories. The
mount command you'll want is likely something like

 mount -t ecryptfs \
  /media/6dd6840c-ba86-492c-9c42-bbfb86337250/kakashi/.Private \
  /mnt

It should interactively ask you for the passphrase, and put your
decrypted files under /mnt. So then you can

 mkdir /home/kakashi/old_home
 rsync -va /mnt/ /home/kakashi/old_home

or somesuch.

Revision history for this message
Elliot Hassan (ehassan25) said : 		#4

okay so the location of the .Private folder is: /media/6dd6840c-ba86-492c-9c42-bbfb86337250/.ecryptfs/kakashi/.Private

so I assume the correct syntax to mount the folder is :
$sudo mount -t ecryptfs /media/6dd6840c-ba86-492c-9c42-bbfb86337250/.ecryptfs/kakashi/.Private /mnt

It then asks for my passphrase which i then enter the mount passphrase, answer the questions then enter
my fnek passphrase. I then receive this error:
"Error mounting eCryptfs: [-2] No such file or directory
 Check your system logs; visit <http://launchpad.net/ecryptfs>"

but when i $cd /media/6dd6840c-ba86-492c-9c42-bbfb86337250/.ecryptfs/kakashi/ and type
$ls -laF --> This is the print out
total 24
drwxr-xr-x 4 kakashi kakashi 4096 2010-06-16 16:35 ./
drwxr-xr-x 3 root root 4096 2010-06-16 16:35 ../
drwx------ 2 kakashi kakashi 4096 2010-06-16 16:35 .ecryptfs/
drwx------ 41 kakashi kakashi 12288 2010-06-21 13:12 .Private/

also /mnt is a folder I checked that as well

Revision history for this message
Elliot Hassan (ehassan25) said : 		#5

I get the error "
 Error mounting eCryptfs: [-2] No such file or directory
 Check your system logs; visit <http://launchpad.net/ecryptfs>"

even though .Private is a directory

Revision history for this message
Elliot Hassan (ehassan25) said : 		#6

okay I just found the step I was missing!

You have to add the fnek passphrase to your local keyring? I believe thats what this command does anyways.
$sudo ecryptfs-add-passphrase --fnek
Passphrase: <-- [ Enter your mount passphrase ]
You should now get two lines looking like this:
Inserted auth tok with sig [9986ad986f986af7] into the user session keyring
Inserted auth tok with sig [76a9f69af69a86fa] into the user session keyring <-- ( write down that second value )

Once I had done this I was able to follow serge's commands and load my old drive back !! Thank you so much for all your help!!