2010-08-17 14:38:10 |
Leo |
description |
Binary package hint: ecryptfs-utils
When trying to mount my encrypted home from an external disc, doing the following command:
mount -t ecryptfs -o ecryptfs_sig=<FIRST_SIG>,ecryptfs_fnek_sig=<SECOND_SIG>,ecryptfs_cipher=aes,ecryptfs_key_bytes=16 SRC_DIR TARGET_DIR
I get "mounting eCryptfs: [-2] No such file or directory"
The current workaround is:
- sudo su -
- keyctl clear @u
- keyctl list @u
(should be empty)
- ecryptfs-insert-wrapped-passphrase-into-keyring /path/to/your/wrapped-passphrase
- keyctl list @u
- mount.ecryptfs /path/to/your/encrypted/data /mnt/your/mount/dir
(it will first prompt you for a passphrase)
Open another terminal and run:
- ecryptfs-unwrap-passphrase /path/to/your/wrapped-passphrase
- copy and paste that long/random passphrase back into your other terminal, where you're doing the mount, this is your mount passphrase
- select (aes, 16, no passthrough)
- select yes for filename encryption
- in your other terminal, tail -n1 /path/to/your/Private.sig
- this is your fnek sig
- copy and paste this into your mount window
- Enter
You should have it mounted, but maybe not something you should use reliably.
ProblemType: Bug
Architecture: i386
Date: Mon Oct 19 16:03:06 2009
DistroRelease: Ubuntu 9.10
Package: ecryptfs-utils 81-0ubuntu2
ProcEnviron:
LANG=en_US.UTF-8
SHELL=/bin/bash
ProcVersionSignature: Ubuntu 2.6.31-14.48-generic
SourcePackage: ecryptfs-utils
Uname: Linux 2.6.31-14-generic i686 |
Binary package hint: ecryptfs-utils
"sudo mount -t ecryptfs .Private /mnt/private" doesn't extract fnek signature properly, and disables filename encryption by default.
When a user or a private folder is created, or a user migrates their home, there is filename encryption by default, the key is different and it can be extracted from the passphrase.
Users therefore don't manage to access backup copies of their home, or only achieve it after quite a lot of hacking.
Expected behavior: "sudo mount -t ecryptfs .Private /mnt/private" extracts both keys from the passphrase, adds them to the keyring, and enables filename encryption afther the user types the passphrase and hits the enter key 5 times.
When trying to mount my encrypted home from an external disc, doing the following command:
mount -t ecryptfs -o ecryptfs_sig=<FIRST_SIG>,ecryptfs_fnek_sig=<SECOND_SIG>,ecryptfs_cipher=aes,ecryptfs_key_bytes=16 SRC_DIR TARGET_DIR
I get "mounting eCryptfs: [-2] No such file or directory"
The current workaround is:
- sudo su -
- keyctl clear @u
- keyctl list @u
(should be empty)
- ecryptfs-insert-wrapped-passphrase-into-keyring /path/to/your/wrapped-passphrase
- keyctl list @u
- mount.ecryptfs /path/to/your/encrypted/data /mnt/your/mount/dir
(it will first prompt you for a passphrase)
Open another terminal and run:
- ecryptfs-unwrap-passphrase /path/to/your/wrapped-passphrase
- copy and paste that long/random passphrase back into your other terminal, where you're doing the mount, this is your mount passphrase
- select (aes, 16, no passthrough)
- select yes for filename encryption
- in your other terminal, tail -n1 /path/to/your/Private.sig
- this is your fnek sig
- copy and paste this into your mount window
- Enter
You should have it mounted, but maybe not something you should use reliably.
ProblemType: Bug
Architecture: i386
Date: Mon Oct 19 16:03:06 2009
DistroRelease: Ubuntu 9.10
Package: ecryptfs-utils 81-0ubuntu2
ProcEnviron:
LANG=en_US.UTF-8
SHELL=/bin/bash
ProcVersionSignature: Ubuntu 2.6.31-14.48-generic
SourcePackage: ecryptfs-utils
Uname: Linux 2.6.31-14-generic i686
|
|