Error: Unwrapping passphrase (Incorrect wrapping key)

Asked by Torben Gundtofte-Bruun on 2011-09-12

After entering the correct passphrase at the command ecryptfs-mount-private, I am getting the error stated below.

Question:
--> Given that I am absolutely sure that I am entering the correct passphrase, what can I do to fix this problem so that I can read the encrypted home folder?

Background:
I've mounted an external drive via USB, which contains my old (encrypted) home folder. I'm running this from a brand-new install and hope to move the data from the old encrypted folder to the new unencrypted drive.

Here's the terminal action:

torben@torben-nettop:~$ sudo ecryptfs-recover-private
INFO: Searching for encrypted private directories (this might take a while)...
INFO: Found [/media/0f417b42-11a0-4539-9cae-e11ce3b289c3/home/.ecryptfs/torben/.Private].
Try to recover this directory? [Y/n]: y
INFO: Enter your LOGIN passphrase...
Passphrase:
Error: Unwrapping passphrase and inserting into the user session keyring failed [-5]
Info: Check the system log for more information from libecryptfs
torben@torben-nettop:~$

Syslog has this information:

ecryptfs-insert-wrapped-passphrase-into-keyring: Incorrect wrapping key for file [/home/torben/.ecryptfs/wrapped-passphrase]
ecryptfs-insert-wrapped-passphrase-into-keyring: Error attempting to unwrap passphrase from file [/home/torben/.ecryptfs/wrapped-passphrase]; rc = [-5]

Question information

Language:
English Edit question
Status:
Answered
For:
eCryptfs Edit question
Assignee:
No assignee Edit question
Last query:
2011-09-21
Last reply:
2012-08-05
ohad (ohadasor) said : #1

I have the same problem.
I've been working with my encrypted home folder for about an year, and suddenly I cannot mount it.
I tried booting from live cd, and maybe all ecryptfs-* commands, and nothing didn't worked. It kept telling me its the wrong passphrase.
Please help us recover our precious home directory...

Dustin Kirkland  (kirkland) said : #2

Do you still have the file $HOME/.ecryptfs/wrapped-passphrase?

If so, can you do:

ecryptfs-unwrap-passphrase $HOME/.ecryptfs/wrapped-passphrase

ohad (ohadasor) said : #3

Thanks Dustin.

Still doesn't work:
root@ubuntu:/home/ubuntu# ecryptfs-unwrap-passphrase /media/14798a16-57e4-4bb4-9983-fd9e41d4521c/home/.ecryptfs/ohad/.ecryptfs/wrapped-passphrase
Passphrase:
Error: Unwrapping passphrase failed [-5]
Info: Check the system log for more information from libecryptfs

Dustin Kirkland  (kirkland) said : #4

What is the output of:

ls -halF /media/14798a16-57e4-4bb4-9983-fd9e41d4521c/home/.ecryptfs/ohad/.ecryptfs/wrapped-passphrase
file /media/14798a16-57e4-4bb4-9983-fd9e41d4521c/home/.ecryptfs/ohad/.ecryptfs/wrapped-passphrase

Also, look for any ecryptfs messages toward the end of /var/log/syslog

Hi Dustin!
Thank you for helping out!! It's sincerely appreciated.

Why do I now get "command not found"?
According to Ubuntu's software central, it *is* installed, and I used it
like a week ago. What's its path, so I can be specific on the command line?

"
torben@torben-nettop:/$ ecrypt-unwrap-passphrase
/media/0f417b42-11a0-4539-9cae-e11ce3b289c3/home/.ecryptfs/torben/.ecryptfs/wrapped-passphrase

ecrypt-unwrap-passphrase: command not found
torben@torben-nettop:/$
"

Best Regards / Mit freundlichen Grüßen / Med venlig hilsen
Torben Gundtofte-Bruun - <email address hidden> - +43-650-495-3929

On Tue, Sep 20, 2011 at 20:30, Dustin Kirkland <
<email address hidden>> wrote:

> Your question #170930 on eCryptfs changed:
> https://answers.launchpad.net/ecryptfs/+question/170930
>
> Status: Open => Answered
>
> Dustin Kirkland proposed the following answer:
> Do you still have the file $HOME/.ecryptfs/wrapped-passphrase?
>
> If so, can you do:
>
> ecryptfs-unwrap-passphrase $HOME/.ecryptfs/wrapped-passphrase
>
> --
> If this answers your question, please go to the following page to let us
> know that it is solved:
>
> https://answers.launchpad.net/ecryptfs/+question/170930/+confirm?answer_id=1
>
> If you still need help, you can reply to this email or go to the
> following page to enter your feedback:
> https://answers.launchpad.net/ecryptfs/+question/170930
>
> You received this question notification because you asked the question.
>

Dustin Kirkland  (kirkland) said : #6

If you're getting command-not-found, you need to:
 $ sudo apt-get install ecryptfs-utils

ohad (ohadasor) said : #7

-rw------- 1 1000 1000 48 2011-09-15 20:46 /media/14798a16-57e4-4bb4-9983-fd9e41d4521c/home/.ecryptfs/ohad/.ecryptfs/wrapped-passphrase

and from syslog:

Sep 20 18:33:13 ubuntu ecryptfs-unwrap-passphrase: Incorrect wrapping key for file [/media/14798a16-57e4-4bb4-9983-fd9e41d4521c/home/.ecryptfs/ohad/.ecryptfs/wrapped-passphrase]
Sep 20 18:34:23 ubuntu ecryptfs-unwrap-passphrase: last message repeated 2 times

Dustin Kirkland  (kirkland) said : #8

ohad,

So the passphrase you're giving it when prompted is incorrect.

Dustin Kirkland proposed the following answer:

> If you're getting command-not-found, you need to:
> $ sudo apt-get install ecryptfs-utils

It's already installed (see below), but apparently not in the default path.
Can I just write "$ /path/to/ecryptfs/ ecrypt-unwrap-passphrase
/media/etc..." ?
--> What path should I use?

$ sudo apt-get install ecryptfs-utils
[...]
ecryptfs-utils is already the newest version.
ecryptfs-utils set to manually installed.
0 upgraded, 0 newly installed, 0 to remove and 1 not upgraded.

If ecryptfs-unwrap-passphrase is not in your path, then yes, of
course, you much call it with its absolute path.

ohad (ohadasor) said : #11

But still, it automatically mounted my home on every boot every day. One day it just stopped doing it.
And I'm pretty sure I remember the password, and I also saved the passphrases.

Do you have the long, random passphrase that you were told to record?

ohad (ohadasor) said : #13

Yed I do.

So I am facing kind of similar issues after booting up and running 'aptitude upgrade' after a long while.

I tried this command:
ecryptfs-unwrap-passphrase $HOME/.ecryptfs/wrapped-passphrase

and entered my passphrase (which was a 32 character string which looked like base64 encoded) and got the exact same message mentioned by ohad in /var/log/syslog. Could this be an issue with the recent software upgrades?

s3a (gamingtechnology) said : #15

I'm not currently on it but I experienced this on my laptop with a Debian Wheezy/Testing (after the freeze) installation and one day after having alternated between a hibernated and woken state for several days and upgrading in the my OS during this time. I noticed that chromium was "misbehaving" (I have a symlink of chromium's configuration folder pointing to ~/Private) such that Google searches would not show the text boxes properly so I rebooted and that's when I could not access anything in ~/Private. I'm pretty sure I know the correct password. I have a record accessible to me which tells me my pass phrase. I decided (a while back) to make my own password using ecryptfs-wrap-passphrase after some message with an auto-generated password (I wanted my own password).

Has anyone resolved this issue?

Can you help with this problem?

Provide an answer of your own, or ask Torben Gundtofte-Bruun for more information if necessary.

To post a message you must log in.