recovering file contents *and filenames* only with lower files and mount passphrase?
Hello,
First off, my sincere thanks to the developers for providing us with such an easy-to-use encryption system. This is terrific and important work. : )
Following the instructions on the wiki and Dustin's blog setup was a breeze. (I am running an uptodate Ubuntu 9.10.) I was testing if the instructions in the wiki (https:/
- a copy of .Private (from an external HD backup)
- my *mount* passphrase (which I obtained by running ecryptfs-
Am I correct in thinking this is enough to recover my data (*including the filenames*)? (I envision this scenario happening if, following Dustin's suggestion in his blog to store the wrapped passphrase file in an external media, I lose the USB stick in which the wrapped passphrase is stored.)
As the following shows, following the instructions in the wiki correctly decrypts my files but leaves the filenames encrypted *even* if I answer Y to the question 'enable filename encryption?'.
l@l:~$ sudo mount -t ecryptfs /home/l/.Private /home/l/Private
Passphrase:
Select cipher:
1) aes: blocksize = 16; min keysize = 16; max keysize = 32 (not loaded)
2) blowfish: blocksize = 16; min keysize = 16; max keysize = 56 (not loaded)
3) des3_ede: blocksize = 8; min keysize = 24; max keysize = 24 (not loaded)
4) twofish: blocksize = 16; min keysize = 16; max keysize = 32 (not loaded)
5) cast6: blocksize = 16; min keysize = 16; max keysize = 32 (not loaded)
6) cast5: blocksize = 8; min keysize = 5; max keysize = 16 (not loaded)
Selection [aes]: 1
Select key bytes:
1) 16
2) 32
3) 24
Selection [16]:
Enable plaintext passthrough (y/n) [n]:
Enable filename encryption (y/n) [n]: y <<==== I thought this would solve this issue, but alas...
Filename Encryption Key (FNEK) Signature [447e4c9830c32cb4]:
Attempting to mount with the following options:
ecryptfs_
ecryptfs_
ecryptfs_
ecryptfs_
ecryptfs_
WARNING: Based on the contents of [/root/
it looks like you have never mounted with this key
before. This could mean that you have typed your
passphrase wrong.
Would you like to proceed with the mount (yes/no)? : yes
Would you like to append sig [447e4c9830c32cb4] to
[/root/
in order to avoid this warning in the future (yes/no)? : no
Not adding sig to user sig cache file; continuing with mount.
Mounted eCryptfs
$ ls Private/
ECRYPTFS_
$ echo Private/
test123
What am I doing wrong? Do I need to store in a safe place additional information to recover both file contents *as well as the filenames* in case of loss of the wrapped passphrase file?
Many thanks for any advice : )
lara
Question information
- Language:
- English Edit question
- Status:
- Solved
- For:
- eCryptfs Edit question
- Assignee:
- No assignee Edit question
- Solved by:
- laramichaels1978
- Solved:
- Last query:
- Last reply: