One day I decided to try Manjaro out. My laptop is pretty good-ish, and one of my requirements is an encrypted home directory. On the previous installation on Ubuntu 20.04, I used ecryptfs and it was good enough for my needs. When I moved to Manjaro I decided to leave ecryptfs as my primary encryption method but to recreate the passphrase from scratch with a completely fresh and clean home folder. Then I moved all encrypted files to another location… I believe this was the right decision, but I struggled for about a day to restore access to my previous data. This little note is for me and for those who need a bit of help with the recovery process.
For those who just came for the possible solution, jump straight to TL;DR.
The problem I faced
If you are here you should already know that the encrypted data is located in /home/.ecryptfs/%username%. I moved my previous data to /home/.ecryptfs/prev but it doesn’t really matter. You can replace %username% or the whole path with your value. So let’s replace the whole /home/.ecryptfs/%username% with the short %path% for the sake of brevity.
I tried to use ecryptfs-recover-private and got this error:
sudo ecryptfs-recover-private %path%/.Private
### Output ###
# INFO: Found [%path%/.Private].
# Try to recover this directory? [Y/n]:
# INFO: Found your wrapped-passphrase
# Do you know your LOGIN passphrase? [Y/n]
# INFO: Enter your LOGIN passphrase...
# Passphrase:
# Inserted auth tok with sig [3121cedc8cecfb1] into the user session keyring
# mount: /tmp/ecryptfs.xxxxxxxx: mount(2) system call failed: No such file or directory.
# dmesg(1) may have more information after failed mount system call.
# ERROR: Failed to mount private data at [/tmp/ecryptfs.xxxxxxxx].
(I use sudo instead of # because syntax highlighting messes up the hash sign)
Weird…
Adventure on the way to the solution
So it says dmesg can help. Let’s try. It’s a bit hard to find the necessary information in this constant flow of messages… I tried to run these two commands one right after the other. And there’s a hint:
sudo dmesg
### Output ###
# [128513.402407] Could not find key with description: [2a283744646d8d1]
# [128513.402410] process_request_key_err: No key
# [128513.402411] Could not find valid key in user session keyring for sig specified in mount option: [2a283744646d8d1]
Yeah, I know some of these words. I guess the essential part is user session keyring.
My craziest thought was “why not try to add some key in some keyring of the current user”. So I did this (after a lot of googling):
ecryptfs-unwrap-passphrase %path%/.ecryptfs/wrapped-passphrase
### Output ###
# Passphrase:
# %32-long-line-with-random-chars%
Instead of %32-long-line-with-random-chars%, you will get your own key.
Next I found this line:
echo -n "%32-long-line-with-random-chars%" | ecryptfs-add-passphrase --fnek -
### Output ###
# Inserted auth tok with sig [3121cedc8cecfb1] into the user session keyring
# Inserted auth tok with sig [2a283744646d8d1] into the user session keyring
And now I tried to mount the private folder again:
sudo ecryptfs-recover-private %path%/.Private
### Output ###
# [sudo] password for username:
# INFO: Found [%path%/.Private].
# Try to recover this directory? [Y/n]:
# INFO: Found your wrapped-passphrase
# Do you know your LOGIN passphrase? [Y/n]
# INFO: Enter your LOGIN passphrase...
# Passphrase:
# Inserted auth tok with sig [3121cedc8cecfb1] into the user session keyring
# INFO: Success! Private data mounted at [/tmp/ecryptfs.yyyyyyyy].
And voilà! I have my data back:
ls -al /tmp/ecryptfs.yyyyyyyy
### Output ###
# drwx------ 3 username username 28672 июн 12 15:17 .
# drwxrwxrwt 26 root root 1360 июн 23 23:04 ..
# drwxrwxr-x 3 username username 4096 янв 5 2021 .local
Yeah, there were a lot more things in it. But I’ve already moved it away :grin:
I think this is not a new problem. But I spent a lot of time solving this puzzle, so I decided to share my knowledge for future me.
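Why the first attempt failed can be read from the outputs above: dmesg asks for a signature that ecryptfs-recover-private never reported inserting, and ecryptfs-add-passphrase --fnek is what inserts it. The script below is an added example, not part of the original post; it compares the two sets of signatures using sample text copied from the outputs quoted here, and its function names are made up for this example.

```sh
#!/bin/sh
# Added example: which key signature did mount want that nobody inserted?
# Sample text below is copied from the outputs quoted in this post.
SAMPLE_DMESG='[128513.402407] Could not find key with description: [2a283744646d8d1]
[128513.402410] process_request_key_err: No key
[128513.402411] Could not find valid key in user session keyring for sig specified in mount option: [2a283744646d8d1]'
SAMPLE_RECOVER='INFO: Found your wrapped-passphrase
Inserted auth tok with sig [3121cedc8cecfb1] into the user session keyring'
SAMPLE_ADD='Inserted auth tok with sig [3121cedc8cecfb1] into the user session keyring
Inserted auth tok with sig [2a283744646d8d1] into the user session keyring'

# Signatures the kernel looked for and did not find (unique, one per line).
wanted_sigs() {
    printf '%s\n' "$1" | sed -n \
        -e 's/.*Could not find key with description: \[\([0-9a-f]*\)\].*/\1/p' \
        -e 's/.*sig specified in mount option: \[\([0-9a-f]*\)\].*/\1/p' | sort -u
}

# Signatures the ecryptfs tools reported inserting into the keyring.
inserted_sigs() {
    printf '%s\n' "$1" |
        sed -n 's/.*Inserted auth tok with sig \[\([0-9a-f]*\)\].*/\1/p' | sort -u
}

# Wanted signatures that never show up as inserted.
# $1 = dmesg text, $2 = output of the ecryptfs tools
missing_sigs() {
    wanted=$(wanted_sigs "$1")
    have=$(inserted_sigs "$2")
    for sig in $wanted; do
        printf '%s\n' "$have" | grep -qxF -- "$sig" || printf '%s\n' "$sig"
    done
}

echo "missing after ecryptfs-recover-private alone: $(missing_sigs "$SAMPLE_DMESG" "$SAMPLE_RECOVER")"
echo "missing after ecryptfs-add-passphrase --fnek: $(missing_sigs "$SAMPLE_DMESG" "$SAMPLE_ADD")"
```

On a real system, pass it the text of `sudo dmesg` and whatever the ecryptfs commands printed; an empty result means every key that mount asked for was reported as inserted.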
TL;DR
If you get this error when running ecryptfs-recover-private:
mount: /tmp/ecryptfs.xxxxxxxx: mount(2) system call failed: No such file or directory.
dmesg(1) may have more information after failed mount system call.
ERROR: Failed to mount private data at [/tmp/ecryptfs.xxxxxxxx].
You can try this:
ecryptfs-unwrap-passphrase %path%/.ecryptfs/wrapped-passphrase
# Shouldn't be sudo!
# Replace "%32-long-line-with-random-chars%" with `ecryptfs-unwrap-passphrase` output
echo -n "%32-long-line-with-random-chars%" | ecryptfs-add-passphrase --fnek -
sudo ecryptfs-recover-private %path%/.Private
If you succeed, please inform me about it somehow. I will be super thankful :blush:
P.S. I’m not a native English speaker, and my knowledge is relatively low. This post is my first in this language and can have a lot, I mean A LOT, of issues. I will be very thankful if you help me to fix my grammar errors or give me some advice :fox: