I am sorry I did not find any related topic matching here. I have weird installation behaviour right after I installed my Linux Mint 22 in my existing partition table structure:

  • LUKS encrypted partition with LVM for root, user, swap
  • Boot partition (not encrypted)
  • Dual boot Windows partition
  • One NTFS exchange partition

The LUKS partition was opened during the live session, and the LVM lying inside it was activated and mounted. All partitions have been formatted besides the home partition with the ecryptfs-encrypted home directories inside. Before, Ubuntu 24.04 was installed as a misled upgrade to 22.04 (misled in terms of many small performance leaks and little errors, which do not end in an unusable but miserably configured system). A fresh install of Ubuntu 24.04 went wrong because it doesn't support LUKS and LVM during installation anymore. Damn.

Then I started the installation assistant.

All went OK, performance increase like 200%, besides:


So in detail I can't open my backup home folder, encrypted with the exact same password as my user's id password and the one used for the home folder:

Alternate 1:

root# ecryptfs-private-recovery    # from somewhere
INFO: Searching for encrypted private directories (this might take a while)...
find: ‘/proc/38986/task/38986/net’: Invalid argument
find: ‘/proc/38986/net’: Invalid argument
find: ‘/proc/103650/task/103650/net’: Invalid argument
find: ‘/proc/103650/net’: Invalid argument
find: ‘/run/user/1000/gvfs’: Permission denied
find: ‘/run/user/1000/doc’: Permission denied

So ecryptfs is not finding any home directory (/home/user, which is a working decrypted one, it is also not finding), even when I start it from the directory .Private itself.

I know

  • the encryption password
  • the algorithm AES
  • the key length 16 bit
  • encryption of file names is turned on
  • passthrough is no

According to here and following from that answer here I was deleting the keys with keyctl (a key management facility tool working with keyrings, but obviously not with the GNOME keyring; the philosophy of the tool is unfortunately totally unclear, as is the whole ecryptfs tool; I did not find any sequence diagrams/UML charts on it):

$ sudo su
$ keyctl list @u
2 keys in keyring:
270246897: --alswrv  1000  1000 user: bbbbbbbbbbbbbbbb
996876983: --alswrv  1000  1000 user: aaaaaaaaaaaaaaaa
$ keyctl clean @u    [--> no keys available in
$ ecryptfs-unwrap-passphrase .ecryptfs/wrapped-passphrase
Passphrase: (enter your usual passphrase)
PPPPPPPPPPPPPPPP
(write down this unwrapped passphrase)
$ sudo ecryptfs-add-passphrase --fnek 
Passphrase: (enter the PPPPPPPPPPPPPPPP)
Inserted auth tok with sig [aaaaaaaaaaaaaaaa] into the user session keyring
Inserted auth tok with sig [bbbbbbbbbbbbbbbb] into the user session keyring
$ sudo mount -t ecryptfs /backup1TB/home_user_bck/.Private /backup1TB/home_user_bck/ -o key=passphrase:passphrase_passwd_file=/home/user/scripts/key.txt,ecryptfs_cipher=aes,ecryptfs_key_bytes=16,ecryptfs_passthrough=n,ecryptfs_enable_filename_crypto=y,ecryptfs_unlink_sigs
Filename Encryption Key (FNEK) Signature [aaaaaaaaaaaaaaaaaa]: bbbbbbbbbbbbbbbb
Attempting to mount with the following options:
  ecryptfs_unlink_sigs
  ecryptfs_fnek_sig=bbbbbbbbbbbbbbbb                     
  ecryptfs_key_bytes=16
  ecryptfs_cipher=aes
  ecryptfs_sig=aaaaaaaaaaaaaaaaaa
Mounted eCryptfs
  • ecryptfs_fnek_sig and ecryptfs_sig are only shown hidden. As this home_backup directory was working as a mirror to my home directory both encrypted with ecryptfs with the same user password, it was tolerable for me to save the password plainly into scripts with 400 permissions.

The log shows:

$ dmesg | tail
[469436.287197] ecryptfs_parse_tag_70_packet: Error attempting to find auth tok for fnek sig [d5459a9a6d6c7d8a]; rc = [-2]
[469436.287330] Could not find key with description: [d5459a9a6d6c7d8a]
[469436.287337] process_request_key_err: No key
[469436.287340] ecryptfs_parse_tag_70_packet: Error attempting to find auth tok for fnek sig [d5459a9a6d6c7d8a]; rc = [-2]
[469469.389865] Could not find key with description: [d5459a9a6d6c7d8a]
[469469.389884] process_request_key_err: No key
[469469.389889] ecryptfs_parse_tag_70_packet: Error attempting to find auth tok for fnek sig [d5459a9a6d6c7d8a]; rc = [-2]
[469469.389907] Could not find key with description: [d5459a9a6d6c7d8a]
[469469.389912] process_request_key_err: No key
[469469.389915] ecryptfs_parse_tag_70_packet: Error attempting to find auth tok for fnek sig [d5459a9a6d6c7d8a]; rc = [-2]
peddanet@HP-ENVY-Laptop-13-aq1176ng:/backup1TB$ ^C

$ journalctl -xe | grep
Mar 05 00:55:40 HP-ENVY-Laptop-13-aq1176ng sudo[230528]: peddanet : TTY=pts/3 ; PWD=/backup1TB ; USER=root ; COMMAND=/usr/bin/mount -t ecryptfs /backup1TB/home_peddanet_bck/.Private /backup1TB/home_peddanet_bck/ -o key=passphrase:passphrase_passwd_file=/home/peddanet/scripts/key.txt,ecryptfs_cipher=aes,ecryptfs_key_bytes=16,ecryptfs_passthrough=n,ecryptfs_enable_filename_crypto=y
Mar 05 00:55:40 HP-ENVY-Laptop-13-aq1176ng mount.ecryptfs[230537]: Error initializing key module [/usr/lib/x86_64-linux-gnu/ecryptfs/libecryptfs_key_mod_gpg.so]; rc = [-22]

Alternative way

According to this way for Mint I did the recovery like this:

/backup1TB/.ecryptfs/home_user_bck# ecryptfs-recover-private .Private;
INFO: Found [.Private].
Try to recover this directory? [Y/n]: Y
INFO: Found your wrapped-passphrase
Do you know your LOGIN passphrase? [Y/n] Y
INFO: Enter your LOGIN passphrase...
Passphrase: 
Inserted auth tok with sig [cccccccccccccccc] into the user session keyring
INFO: Success!  Private data mounted at [/tmp/ecryptfs.HR2cA03S].
# keyctl list @u
3 keys in keyring:
384278683: --alswrv     0     0 user: bbbbbbbbbbbbbbbb
351461027: --alswrv     0     0 user: aaaaaaaaaaaaaaaa

Errors: No errors! BUT:

Outcome for both ways:

It seems to be working properly, but ls -la will show:

Examining these directories as well as mounting with my passphrase, which works "top level" without errors, but you can't access these files and directories, it stops:

$ ll home_user_bck
ls: cannot access 'home_user_bck/.nuget': No such file or directory
ls: cannot access 'home_user_bck/lsix-master': No such file or directory
ls: cannot access 'home_user_bck/.mozilla': No such file or directory
[..]
ls: cannot access 'home_user_bck/ECRYPTFS_FNEK_ENCRYPTED.FWbJFNeOPKlxWUQHdX-EKzX72XJwQQKem-XJNDrYJBdx.UWXCIKeIOw45E--': No such file or directory
ls: cannot access 'home_user_bck/openvlc.tasks': No such file or directory
ls: cannot access 'home_user_bck/Screenshot from 2021-11-06 15-37-10.png': No such file or directory
[..]
ls: cannot access 'home_user_bck/.ecryptfs': No such file or directory
ls: cannot access 'home_user_bck/.thunderbird': No such file or directory
ls: cannot access 'home_user_bck/.xsession-errors': No such file or directory
ls: cannot access 'home_user_bck/thinclient_drives': No such file or directory
[..]
drwxr-xr-x 49 user user  20K Feb 20 12:47  .
drwxr-xr-x  6 user user 4,0K Feb 17 14:31  ..
d?????????  ? ?        ?           ?            ?  Audio
-?????????  ? ?        ?           ?            ?  backup.log
-?????????  ? ?        ?           ?            ?  .bash_history
-?????????  ? ?        ?           ?            ?  .bash_logout
-?????????  ? ?        ?           ?            ?  .bashrc
d?????????  ? ?        ?           ?            ?  bin
d?????????  ? ?        ?           ?            ?  .cache
d?????????  ? ?        ?           ?            ?  .conda
d?????????  ? ?        ?           ?            ?  .config
d?????????  ? ?        ?           ?            ?  .cups
d?????????  ? ?        ?           ?            ?  .cyberghost
[..]
d?????????  ? ?        ?           ?            ?  .dbus
d?????????  ? ?        ?           ?            ?  Desktop
d?????????  ? ?        ?           ?            ?  Documents
d?????????  ? ?        ?           ?            ?  Dokumente
d?????????  ? ?        ?           ?            ?  .dotnet
d?????????  ? ?        ?           ?            ?  Downloads'
-?????????  ? ?        ?           ?            ?  examples.desktop
d?????????  ? ?        ?           ?            ?  .gconf
-?????????  ? ?        ?           ?            ?  .gitconfig
d?????????  ? ?        ?           ?            ?  .gnome
d?????????  ? ?        ?           ?            ?  .gnupg
d?????????  ? ?        ?           ?            ?  .hardinfo
-?????????  ? ?        ?           ?            ?  index.html
d?????????  ? ?        ?           ?            ?  .java
d?????????  ? ?        ?           ?            ?  jd2
-?????????  ? ?        ?           ?            ?  key.txt
-?????????  ? ?        ?           ?            ?  .lesshst
d?????????  ? ?        ?           ?            ?  .local
d?????????  ? ?        ?           ?            ?  lsix-master
d?????????  ? ?        ?           ?            ?  .mozilla
d?????????  ? ?        ?           ?            ?  Music
l?????????  ? ?        ?           ?            ?  user
d?????????  ? ?        ?           ?            ?  Pictures
[..]
d?????????  ? ?        ?           ?            ?  scripts
d?????????  ? ?        ?           ?            ?  snap
d?????????  ? ?        ?           ?            ?  .ssh
-?????????  ? ?        ?           ?            ?  .sudo_as_admin_successful
d?????????  ? ?        ?           ?            ?  Templates
-?????????  ? ?        ?           ?            ?  test
d?????????  ? ?        ?           ?            ?  Test
d?????????  ? ?        ?           ?            ?  testdaten
-?????????  ? ?        ?           ?            ?  testdisk.log
-?????????  ? ?        ?           ?            ?  that.gif
[..]

I tried ecryptfs: ls lists top level folders but with "no such file or directory" for them but as ecryptfs-recover-private didn't find - no outcome. But similar results when it comes to listing top directory files. The lower directories are not possible to list.

So what went wrong here? Could it be a weird different handling of ecryptfs formerly in Ubuntu 22.04 and now Linux Mint 22.1? Is the ecryptfs system inevitably corrupted? How can I detect, what else can I do?

Obviously the slightest changes in the above commands can result in totally hideous and hiding errors (or messages)...

Annotations

** The .ecryptfs was missing with the backup, so as it was a direct copy of /home/user back then, I just copied from the home/.ecryptfs/user/.ecryptfs to /backup1TB/.ecryptfs/home_user_backup/. In the folder /backup1TB/home_user_backup/ there were two links, .Private and .ecryptfs, to the formerly mentioned .ecryptfs folder.

  • Usually the missing metadata (with the exception of the file category because it is stored with the directory entry, not in the inode) i.e. the ? is a result of a missing x permission on the parent directory. Commented Feb 17 at 19:26
  • Thanks I will give that a try. So you think chmod +x could solve it? Commented Feb 27 at 9:09
  • @HaukeLaging Thanks for the tip, but the parent directory is executable. The underlying and mounted ecryptfs has the problem. Is there anything related more to ACLs? Commented Mar 4 at 14:02
  • @HaukeLaging I updated and restructured the complete question. Can you please have a look at it again? Commented Mar 4 at 22:42
  • Sorry, I have never used ecryptfs and have no idea how to fix problems with it. Commented Mar 5 at 2:48
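
A diagnostic for the key lookup failure shown in the question's dmesg output, added here as an example and not part of the original post: it extracts the FNEK signatures the kernel asked for and lists those that are absent from the `keyctl list @u` output. The function names are hypothetical; the sample input is copied from the post, where the keyring signatures are anonymised.

```shell
#!/usr/bin/env bash
# Added example: compare the FNEK signatures the kernel requested (dmesg)
# with the signatures actually present in the keyring (keyctl list @u).

# Sample input copied from the post (keyring signatures are anonymised there).
SAMPLE_DMESG='[469436.287197] ecryptfs_parse_tag_70_packet: Error attempting to find auth tok for fnek sig [d5459a9a6d6c7d8a]; rc = [-2]
[469436.287330] Could not find key with description: [d5459a9a6d6c7d8a]
[469436.287337] process_request_key_err: No key'
SAMPLE_KEYRING='2 keys in keyring:
270246897: --alswrv  1000  1000 user: bbbbbbbbbbbbbbbb
996876983: --alswrv  1000  1000 user: aaaaaaaaaaaaaaaa'

# Print each FNEK signature the kernel failed to find, once.
requested_fnek_sigs() {
    printf '%s\n' "$1" |
        sed -n 's/.*auth tok for fnek sig \[\([0-9a-f]\{16\}\)\].*/\1/p' |
        sort -u
}

# Print the descriptions (signatures) of "user" keys in keyctl list output.
keyring_sigs() {
    printf '%s\n' "$1" |
        sed -n 's/^[0-9]*: .* user: \([0-9a-f]\{16\}\)$/\1/p' |
        sort -u
}

# Print requested signatures that are absent from the keyring.
missing_sigs() {
    requested_fnek_sigs "$1" | while read -r sig; do
        keyring_sigs "$2" | grep -qx "$sig" || printf '%s\n' "$sig"
    done
}

# On a live system: missing_sigs "$(dmesg)" "$(keyctl list @u)"
missing_sigs "$SAMPLE_DMESG" "$SAMPLE_KEYRING"
```

A signature reported here is one the encrypted file names reference but the searched keyring does not hold, which is what rc = [-2] in the log lines means. Run the keyring query as the same user that performs the mount, since `@u` differs between the login user and root.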
