How to mount backup of encrypted home directory

seanh snhmnd at gmail.com
Sun Feb 6 20:52:50 UTC 2011


I use Ubuntu's encrypted home directory and I rsync'd my ~/.Private
folder to an external hard drive. Now I want to mount that backup to
restore some files. Can anyone help me to figure out how to mount (and
decrypt) the backup?

Documentation on this is surprisingly weak. There are various
complicated how-tos on blogs and the Ubuntu wiki, but they vary, nothing
seems authoritative, and I can't get it to work. Here's what I did:

	seanh at dulip:~ % mkdir /tmp/restore
	seanh at dulip:~ % sudo mount -t ecryptfs /media/BACKUP1/dulip/home/seanh/latest.snapshot /tmp/restore
	[sudo] password for seanh:
	Passphrase:
	Select cipher:
	1) aes: blocksize = 16; min keysize = 16; max keysize = 32 (not loaded)
	2) blowfish: blocksize = 16; min keysize = 16; max keysize = 56 (not loaded)
	3) des3_ede: blocksize = 8; min keysize = 24; max keysize = 24 (not loaded)
	4) twofish: blocksize = 16; min keysize = 16; max keysize = 32 (not loaded)
	5) cast6: blocksize = 16; min keysize = 16; max keysize = 32 (not loaded)
	6) cast5: blocksize = 8; min keysize = 5; max keysize = 16 (not loaded)
	Selection [aes]:
	Select key bytes:
	1) 16
	2) 32
	3) 24
	Selection [16]:
	Enable plaintext passthrough (y/n) [n]:
	Enable filename encryption (y/n) [n]: y
	Filename Encryption Key (FNEK) Signature [****************]:
	Attempting to mount with the following options:
	ecryptfs_unlink_sigs
	ecryptfs_fnek_sig=****************
	ecryptfs_key_bytes=16
	ecryptfs_cipher=aes
	ecryptfs_sig=****************
	WARNING: Based on the contents of [/root/.ecryptfs/sig-cache.txt],
	it looks like you have never mounted with this key
	before. This could mean that you have typed your
	passphrase wrong.

	Would you like to proceed with the mount (yes/no)? : yes
	Would you like to append sig [****************] to
	[/root/.ecryptfs/sig-cache.txt]
	in order to avoid this warning in the future (yes/no)? : no
	Not adding sig to user sig cache file; continuing with mount.
	Mounted eCryptfs

At first glance this appears to have worked. ls /tmp/restore shows my
files. But if I then try to access any of those files, e.g. ls
/tmp/restore/Desktop I get 'file does not exist' errors. If I open
/tmp/restore in nautilus it shows an empty folder. If I do sudo ls
/tmp/restore I see the encrypted filenames.

When it asks for 'passphrase' I don't know if it wants my login
password or the long encryption passphrase that I can get using the
ecryptfs-unwrap-passphrase command. I tried both but neither works. I
also don't know what the filename encryption key signature should be.
I tried accepting what it suggests, and also various other things
found on blogs, but no luck.

The complexity of recovering a backup of an Ubuntu encrypted homedir
seems to be a problem. Anyone searching for help will find various
pages listing commands that you don't understand the effect of. Maybe
if we can figure it out, we can write an authoritative wiki page
covering the various cases.



