encrypted home directory / wrapped-passphrase
Basil Chupin
blchupin at iinet.net.au
Mon Jul 23 07:37:55 UTC 2012
On 21/07/12 21:50, Nolan wrote:
> On 07/20/2012 07:52 AM, Basil Chupin wrote:
>> On 20/07/12 07:26, scar wrote:
>>> hi i used the ecryptfs-migrate-home command to encrypt my home
>>> directory, and during that process i am told:
>>>
>>> ************************************************************************
>>> YOU SHOULD RECORD YOUR MOUNT PASSPHRASE AND STORE IT IN A SAFE LOCATION.
>>> ecryptfs-unwrap-passphrase ~/.ecryptfs/wrapped-passphrase
>>> THIS WILL BE REQUIRED IF YOU NEED TO RECOVER YOUR DATA AT A LATER TIME.
>>> ************************************************************************
>>>
>>> so i run that command and get the ~/.ecryptfs/wrapped-passphrase file,
>>> which it seems to me should be moved elsewhere, like removable storage,
>>> since it sounds like this file is to be used when i forget my password.
>>>
>>> however, when i move that file, my home directory no longer gets
>>> decrypted when i log in and i get all these errors starting with one
>>> about .ICEauthority file or something.
>>>
>>> if i move that wrapped-passphrase file back to ~/.ecryptfs then things
>>> get decrypted when i log in. so it seems like that file is necessary
>>> but it's also stored in an unencrypted location for whoever steals my
>>> computer to use to decrypt my home directory, defeating the whole point
>>> of encryption. i guess i'm obviously not understanding something here,
>>> can someone clarify? thanks
>> You should look carefully into this question of encrypting your home directory.
>>
>> Doing such an encryption of your home directory under the belief that you are actually
>> making the data stored in /home totally secure is a delusion.
>>
>> For example, on one of my computers I have the /home encrypted.
>>
>> WOW, I thought. All this data is now safe!
>>
>> Well, I have an external HDD which I use for backing up my /home directory. But what I
>> found is that anyone can read that backed-up /home directory on the external HDD because
>> once you copy it you lose all the encryption UNLESS you have the destination also
>> encrypted. I won't explain further but I think I have made my point.
>>
>> Now for the next part.
>>
>> I did an upgrade to my system - it was an upgrade of the kernel actually - after which I
>> could not boot into the system. Nothing I tried to do could get me into the system using
>> Rescue Disc etc etc because I had an encrypted /home directory and I needed to provide the
>> passphrase in order to be able to access /home but nothing in the Rescue Disc asked me for
>> such a passphrase - the only thing it was interested in was to be able to mount the /home
>> partition, which, of course, was encrypted.
>>
>> After fooling around for a few days and agonising about the thought of losing all data
>> (some irreplaceable) in the /home directory, I discovered a few simple command line
>> entries which completely bypassed the encryption I had on my /home directory and allowed
>> me to boot into the system and fix up the mess created by the upgrade to the kernel! So
>> much for encryption!
>>
>> I then abandoned the whole idea of encrypting the /home directory as a complete waste of
>> time and effort.
>>
>> You want security and encryption? Then encrypt your whole installation/file system and not
>> just your /home directory. But if you go this way it will be at a cost of slowing down the
>> operation of your whole system.
>>
>> Take some time off and read up about encryption/encrypting your file system - and NOT just
>> your /home directory.
>>
>> BC
>>
> Basil...
> Would zipping the "/home" directory and giving it a strong password
> accomplish all or at least most of what you want?
> Nolan
The simple and honest answer is: I don't know as I have never tried to
do it, or considered it - nor am I a security expert :-) .
But if you think about it, in this situation what you would be doing is
simply creating an archived copy of your home directory in a passworded
zip format file. The archive *may* be a bit of a headache for someone who
tries to get into it but not impossible for those with the right
equipment, but the ORIGINAL home directory is still a piece of cake to
get into - as I found out :-( . Look here:
https://wiki.archlinux.org/index.php/Removing_System_Encryption
And, depending on which part of the world you are living in, there are
laws which REQUIRE you (under the penalty of having your genitals
removed with wire-cutters [if you are male that is :-) ]) to provide the
government authorities (you know the ones) with the password you have
used to encrypt your zip file *OR*, repeat OR, your *whole* (file)
system for that matter! (There is discussion about this which I
won't go into here; but have a look in the Wikipedia, for example, about
this subject of encryption).
BC
--
Using openSUSE 12.2 x86_64 KDE 4.8.4 & kernel 3.4.5-1 on a system with-
AMD FX 8-core 3.6/4.2GHz processor
16GB PC14900/1866MHz Quad Channel Corsair "Vengeance" RAM
Gigabyte AMD3+ m/board; Gigabyte nVidia GTX550Ti 1GB DDR5 GPU