
Solving eCryptfs "Failed to mount private data" error

One day I decided to try Manjaro out. My laptop is pretty good-ish, and one of my requirements is an encrypted home directory. On the previous installation on Ubuntu 20.04, I used ecryptfs and it was good enough for my needs. When I moved to Manjaro I decided to leave ecryptfs as my primary encryption method but to recreate the passphrase from scratch with a completely fresh and clean home folder. Then I moved all encrypted files to another location… I believe this was the right decision, but I struggled for about a day to restore access to my previous data. This little note is for me and for those who need a bit of help with the recovery process.

For those who just came for the possible solution, jump straight to the TL;DR.

The problem I faced

If you are here, you should already know that the encrypted data is located in /home/.ecryptfs/%username%. I moved my previous data to /home/.ecryptfs/prev, but it doesn’t really matter. You can replace %username% or the whole path with your own value. So let’s replace the whole /home/.ecryptfs/%username% with a short %path% for the sake of brevity.

I tried to use ecryptfs-recover-private and got this error:

sudo ecryptfs-recover-private %path%/.Private

### Output ###
#  INFO: Found [%path%/.Private].
#  Try to recover this directory? [Y/n]: 
#  INFO: Found your wrapped-passphrase
#  Do you know your LOGIN passphrase? [Y/n] 
#  INFO: Enter your LOGIN passphrase...
#  Passphrase: 
#  Inserted auth tok with sig [3121cedc8cecfb1] into the user session keyring
#  mount: /tmp/ecryptfs.xxxxxxxx: mount(2) system call failed: No such file or directory.
#         dmesg(1) may have more information after failed mount system call.
#  ERROR: Failed to mount private data at [/tmp/ecryptfs.xxxxxxxx].

(I use sudo instead of # because the syntax highlighting gets messed up by the hash sign.)

Weird…

Adventure on the way to the solution

So it says dmesg can help. Let’s try. It’s a bit hard to find the necessary information in this constant flow of messages… I tried to run these two commands one right after the other. And there’s a hint:

sudo dmesg

### Output ###
#  [128513.402407] Could not find key with description: [2a283744646d8d1]
#  [128513.402410] process_request_key_err: No key
#  [128513.402411] Could not find valid key in user session keyring for sig specified in mount option: [2a283744646d8d1]

Yeah, I know some of these words. I guess the essential part is "user session keyring".

My craziest thought was “why not try to add some key in some keyring of the current user”. So I did this (after a lot of googling):

ecryptfs-unwrap-passphrase %path%/.ecryptfs/wrapped-passphrase

### Output ###
#  Passphrase: 
#  %32-long-line-with-random-chars%

Instead of %32-long-line-with-random-chars%, you will get your own key.

Next I found this line:

echo -n "%32-long-line-with-random-chars%" | ecryptfs-add-passphrase --fnek -

### Output ###
#  Inserted auth tok with sig [3121cedc8cecfb1] into the user session keyring
#  Inserted auth tok with sig [2a283744646d8d1] into the user session keyring
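
Why the next attempt succeeds, as an added example that is not part of the original post: the script pulls the signature the kernel asked for out of the dmesg lines and checks it against the signatures each helper reported inserting. The sample text is copied from the outputs quoted above; the function names are made up for this example.

```shell
#!/bin/sh
# Added example; function names are hypothetical. Sample text is copied from
# the outputs quoted in the post.

DMESG_SAMPLE='[128513.402407] Could not find key with description: [2a283744646d8d1]
[128513.402410] process_request_key_err: No key
[128513.402411] Could not find valid key in user session keyring for sig specified in mount option: [2a283744646d8d1]'

RECOVER_OUT='Inserted auth tok with sig [3121cedc8cecfb1] into the user session keyring'

ADD_OUT='Inserted auth tok with sig [3121cedc8cecfb1] into the user session keyring
Inserted auth tok with sig [2a283744646d8d1] into the user session keyring'

# stdin: dmesg text. stdout: signatures the mount asked for but did not find.
missing_sigs() {
    sed -n 's/.*Could not find valid key in user session keyring for sig specified in mount option: \[\([0-9a-f]*\)\].*/\1/p' | sort -u
}

# stdin: helper output. stdout: signatures reported as inserted.
inserted_sigs() {
    sed -n 's/.*Inserted auth tok with sig \[\([0-9a-f]*\)\].*/\1/p' | sort -u
}

# $1 = dmesg text, $2 = helper output.
# stdout: requested signatures that were never inserted (empty if none).
unresolved_sigs() {
    want=$(printf '%s\n' "$1" | missing_sigs)
    have=$(printf '%s\n' "$2" | inserted_sigs)
    left=""
    for sig in $want; do
        case " $(echo $have) " in
            *" $sig "*) ;;                 # key is in the keyring
            *) left="$left$sig " ;;        # still missing
        esac
    done
    printf '%s\n' "${left% }"
}

echo "after ecryptfs-recover-private alone: $(unresolved_sigs "$DMESG_SAMPLE" "$RECOVER_OUT")"
echo "after ecryptfs-add-passphrase --fnek: $(unresolved_sigs "$DMESG_SAMPLE" "$ADD_OUT")"
```

On a live system, pipe `sudo dmesg` into `missing_sigs` and the helper's real output into `inserted_sigs` instead of using the embedded samples.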

And now I tried to mount the private folder again:

sudo ecryptfs-recover-private %path%/.Private

### Output ###
#  [sudo] password for username: 
#  INFO: Found [%path%/.Private].
#  Try to recover this directory? [Y/n]: 
#  INFO: Found your wrapped-passphrase
#  Do you know your LOGIN passphrase? [Y/n] 
#  INFO: Enter your LOGIN passphrase...
#  Passphrase: 
#  Inserted auth tok with sig [3121cedc8cecfb1] into the user session keyring
#  INFO: Success!  Private data mounted at [/tmp/ecryptfs.yyyyyyyy].

And voilà! I have my data back:

ls -al /tmp/ecryptfs.yyyyyyyy

### Output ###
#  drwx------  3 username username 28672 июн 12 15:17 .
#  drwxrwxrwt 26 root     root      1360 июн 23 23:04 ..
#  drwxrwxr-x  3 username username  4096 янв  5  2021 .local

Yeah, there were a lot more things in it. But I’ve already moved it away :grin:


I think this is not a new problem. But I spent a lot of time solving this puzzle, so I decided to share my knowledge for future me.

TL;DR

If you get this error when running ecryptfs-recover-private:

mount: /tmp/ecryptfs.xxxxxxxx: mount(2) system call failed: No such file or directory.
       dmesg(1) may have more information after failed mount system call.
ERROR: Failed to mount private data at [/tmp/ecryptfs.xxxxxxxx].

You can try this:

ecryptfs-unwrap-passphrase %path%/.ecryptfs/wrapped-passphrase
# Shouldn't be sudo!
# Replace "%32-long-line-with-random-chars%" with `ecryptfs-unwrap-passphrase` output
# (a passphrase typed on the command line normally ends up in your shell history)
echo -n "%32-long-line-with-random-chars%" | ecryptfs-add-passphrase --fnek -
sudo ecryptfs-recover-private %path%/.Private

If you succeed, please inform me about it somehow. I will be super thankful :blush:


P.S. I’m not a native English speaker, and my knowledge is relatively low. This post is my first in this language and can have a lot, I mean A LOT, of issues. I will be very thankful if you help me fix my grammar errors or give me some advice :fox:

