eCryptfs

"mount -t ecryptfs" OK "ecryptfs-mount-private" Fails

Bug #526217 reported by AlexGenaud
10
This bug affects 2 people
Affects Status Importance Assigned to Milestone
eCryptfs
New
Undecided
Unassigned

Bug Description

After changing and re-wrapping my login password I am unable to ecryptfs-mount-private, while I am able to mount -t ecryptfs...

---
Steps to recreate
---
$ ecryptfs-wrap-passphrase .ecryptfs/wrapped-passphrase
Passphrase to wrap: [mountKey]
Wrapping passphrase: [loginPass]

$ ecryptfs-mount-private
Enter your login passphrase: [loginPass]
Inserted auth tok with sig [136d0b...] into the user session keyring
keyctl_search: Required key not available
Perhaps try the interactive 'ecryptfs-mount-private'

---
What does work
---
$ sudo mount -t ecryptfs .Private/ Private/ -o ecryptfs_cipher=aes,\
   ecryptfs_key_bytes=16,ecryptfs_passthrough=n,\
   ecryptfs_enable_filename_crypto=y,no_sig_cache
[sudo] password for me: [loginPass]
Passphrase: [mountKey]
Filename Encryption Key (FNEK) Signature [136d0b...]:
Attempting to mount with the following options:
  ecryptfs_unlink_sigs
  ecryptfs_fnek_sig=136d0b...
  ecryptfs_key_bytes=16
  ecryptfs_cipher=aes
  ecryptfs_sig=136d0b...
Mounted eCryptfs

---
Failed rescue attempt
---
$ mv .Private bak.Private
$ mv .ecryptfs bak.ecryptfs
$ rm -rf Private
$ ecryptfs-setup-private
Enter your login passphrase: [loginPass]
Enter your mount passphrase [leave blank to generate one]: [mountKey]
Enter your mount passphrase (again): [mountKey]
...Testing succeeded...
$ rm -rf .Private
$ mv bak.Private .Private
$ ecryptfs-mount-private
Enter your login passphrase: [loginPass]
Inserted auth tok with sig [136d0b...] into the user session keyring
$ ls Private
$ ls Private/
ls: cannot access Private/Desktop: No such file or directory
ls: cannot access Private/Pictures: No such file or directory

---
But again, this works
---
$ ecryptfs-umount-private
$ sudo mount -t ecryptfs .Private/ Private/ -o ecryptfs_cipher=aes,\
   ecryptfs_key_bytes=16,ecryptfs_passthrough=n,\
   ecryptfs_enable_filename_crypto=y,no_sig_cache
Passphrase: [mountKey]
Filename Encryption Key (FNEK) Signature [136d0b...]:
Attempting to mount with the following options:
  ecryptfs_unlink_sigs
  ecryptfs_fnek_sig=136d0b...
  ecryptfs_key_bytes=16
  ecryptfs_cipher=aes
  ecryptfs_sig=136d0b...
Mounted eCryptfs

$ ls Private/
Backup Desktop

---
Environment
---
ecryptfs version? (man page 2009-03-24)
Ubuntu 9.10 (#56-Ubuntu SMP Thu Jan 28)
kernel 2.6.31-19-generic
Lenovo X200

Revision history for this message
AlexGenaud (alexgenaud) wrote :

Only after setting my seahorse keyring password to match my login password, ecryptfs-mount-private worked. Is it required to change my password in three places?

Revision history for this message
Martin Pool (mbp) wrote :

I'm seeing something that may be similar to this on natty: on initial boot and gdm login, things work fine. When I ssh in and run ecryptfs-mount-private for the first time, that also works. However, if my connection expires, and I presume ~/Private is automatically unmounted, then I can no longer mount it using ecryptfs-mount-private; I get

% ecryptfs-mount-private
Enter your login passphrase:
Inserted auth tok with sig [9fb...] into the user session keyring
keyctl_search: Required key not available
Perhaps try the interactive 'ecryptfs-mount-private'

Revision history for this message
Dustin Kirkland  (kirkland) wrote :

Howdy all,

I'm almost positive that this is a duplicate of Bug #725862, which was fixed in ecryptfs-utils-92 on Thu, 01 Sep 2011 16:25:03.

I'm going to mark this bug a dupe right now, but if you're still experiencing this problem, please reopen or de-dupe this one.

Thanks!

To post a comment you must log in.
This report contains Public information  
Everyone can see this information.
Subscribing...

Other bug subscribers

Remote bug watches

Bug watches keep track of this bug in other bug trackers.