Recovering Encrypted Home Partition

Asked by Christopher on 2010-05-04

I had some major problems after the recent Ubuntu upgrade and had to boot from a live CD. I have a separate /home partition, but it was encrypted using the default install encryption in the 9.10 install CD. How can I get to my files so I can back them up?

From http://blog.dustinkirkland.com/2009/03/mounting-your-encrypted-home-from.html, I tried:

-------------------------------------------------------------
ubuntu@ubuntu$ sudo mount /dev/sda2 /mnt
ubuntu@ubuntu$ sudo mount /dev/sda4 /mnt/home
ubuntu@ubuntu$ sudo mount -o bind /dev /mnt/dev
ubuntu@ubuntu$ sudo mount -o bind /dev/shm /mnt/dev/shm
ubuntu@ubuntu$ sudo mount -o bind /proc /mnt/proc
ubuntu@ubuntu$ sudo mount -o bind /sys /mnt/sys
ubuntu@ubuntu$ sudo chroot /mnt
root@ubuntu$ su - kirkland
keyctl_search: Required key not available
Perhaps try the interactive 'ecryptfs-mount-private'
To run a command as administrator (user "root"), use "sudo <command>".
See "man sudo_root" for details.

kirkland@ubuntu$ ecryptfs-add-passphrase --fnek
Passphrase:
Error: Your kernel does not support filename encryption
kirkland@ubuntu$ ecryptfs-mount-private
Enter your login passphrase:
Inserted auth tok with sig [xxx] into the user session keyring
keyctl_search: Required key not available
Perhaps try the interactive 'ecryptfs-mount-private'

INFO: Your private directory has been mounted.
INFO: To see this change in your current shell:
   cd /home/kirkland

kirkland@ubuntu$ cd /home/kirkland
kirkland@ubuntu$ ls -a
-------------------------------------------------------------

All files displayed start with "ECRYPTFS_FNEK_ENCRYPTED..."

I also tried doing this without the "ecryptfs-add-passphrase --fnek" command, but I get the same problem.

Also, I tried the following from: http://www.kaijanmaki.net/2009/10/26/recovering-files-from-ecryptfs-encrypted-home/

-------------------------------------------------------------
$ sudo aptitude install ecryptfs-utils
$ cd /mnt
$ sudo mkdir OldHome

$ sudo ln -s /media/3e8ea0ac-xxxx-xxxx-a35a-8ff17406fdb8/home/user/.Private OldPrivate

$ sudo ecryptfs-add-passphrase --fnek
Passphrase:
Inserted auth tok with sig [xxxxxxxxxxxxxxx] into the user session keyring
Inserted auth tok with sig [yyyyyyyyyyyyyyyy] into the user session keyring

$ sudo mount -t ecryptfs OldPrivate OldHome/
Passphrase:
Select cipher:
1) aes: blocksize = 16; min keysize = 16; max keysize = 32 (not loaded)
2) blowfish: blocksize = 16; min keysize = 16; max keysize = 56 (not loaded)
3) des3_ede: blocksize = 8; min keysize = 24; max keysize = 24 (not loaded)
4) twofish: blocksize = 16; min keysize = 16; max keysize = 32 (not loaded)
5) cast6: blocksize = 16; min keysize = 16; max keysize = 32 (not loaded)
6) cast5: blocksize = 8; min keysize = 5; max keysize = 16 (not loaded)
Selection [aes]:
Select key bytes:
1) 16
2) 32
3) 24
Selection [16]:
Enable plaintext passthrough (y/n) [n]:
Enable filename encryption (y/n) [n]: y
Filename Encryption Key (FNEK) Signature [xxxxxxxxxxxxxxx]: yyyyyyyyyyyyyyyy
Attempting to mount with the following options:
ecryptfs_unlink_sigs
ecryptfs_fnek_sig=yyyyyyyyyyyyyyyy
ecryptfs_key_bytes=16
ecryptfs_cipher=aes
ecryptfs_sig=xxxxxxxxxxxxxxx
WARNING: Based on the contents of [/root/.ecryptfs/sig-cache.txt],
it looks like you have never mounted with this key
before. This could mean that you have typed your
passphrase wrong.

Would you like to proceed with the mount (yes/no)? : yes
Would you like to append sig [zzzzzzzzzzzzzzzzz] to
[/root/.ecryptfs/sig-cache.txt]
in order to avoid this warning in the future (yes/no)? : no
Not adding sig to user sig cache file; continuing with mount.
Error mounting eCryptfs: [-2] No such file or directory
Check your system logs; visit <http://launchpad.net/ecryptfs>
-------------------------------------------------------------

Any suggestions would be very appreciated. I have been at this non-stop since yesterday...

COKEDUDE (cokedude) said : #1

You messed up here. You have to give full paths to your directories.
$ sudo mount -t ecryptfs OldPrivate OldHome/

Something like this.
~ $ sudo mount -t ecryptfs /media/4fa4e92e-3532-48fd-a83d-6ea340a669b6/bob /home/bob

/media/4fa4e92e-3532-48fd-a83d-6ea340a669b6/bob = The private directory I am trying to mount.
/home/bob = The location I am trying to mount my private directory at. Make sure /home/bob actually exists.
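
The checks this answer calls for (absolute paths, an existing mount point), written out as an added example that is not part of the original thread. The helper names `abs_dir` and `ecryptfs_mount_cmd` are hypothetical; the mount options are the ones listed in the question's session, with its default cipher and key size assumed.

```shell
#!/bin/sh
# Added example: pre-flight checks before a manual eCryptfs recovery mount.
# It prints the mount command for review; it does not mount anything itself.

# abs_dir PATH: canonical absolute path of an existing directory (symlinks resolved)
abs_dir() {
    [ -d "$1" ] || { echo "not a directory: $1" >&2; return 1; }
    (cd -P -- "$1" && pwd -P)
}

# ecryptfs_mount_cmd LOWER MOUNTPOINT SIG FNEK_SIG
ecryptfs_mount_cmd() {
    lower=$(abs_dir "$1") || return 1     # e.g. the old .Private directory
    target=$(abs_dir "$2") || return 1    # must already exist
    sig=$3
    fnek=$4
    # Both signatures come from `ecryptfs-add-passphrase --fnek`: 16 hex digits each.
    for s in "$sig" "$fnek"; do
        case $s in
            ''|*[!0-9a-fA-F]*) echo "bad signature: '$s'" >&2; return 1 ;;
        esac
        [ "${#s}" -eq 16 ] || { echo "signature is not 16 digits: '$s'" >&2; return 1; }
    done
    # With filename encryption the lower directory holds ECRYPTFS_FNEK_ENCRYPTED.* names;
    # if none are present this is probably not the encrypted directory.
    if ! ls -A "$lower" | grep -q '^ECRYPTFS_FNEK_ENCRYPTED\.'; then
        echo "no ECRYPTFS_FNEK_ENCRYPTED.* entries in $lower" >&2
        return 1
    fi
    # aes / 16 are the defaults offered in the session above (assumed unchanged).
    # Paths are single-quoted; a path containing a single quote is not handled.
    printf "sudo mount -t ecryptfs '%s' '%s' -o %s\n" "$lower" "$target" \
        "ecryptfs_sig=$sig,ecryptfs_fnek_sig=$fnek,ecryptfs_cipher=aes,ecryptfs_key_bytes=16,ecryptfs_unlink_sigs"
}
```

Running the printed command still prompts for the passphrase, as in the session above.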
