[ubuntu-za] Encrypted Filesystem Question

Quintin Beukes quintin at last.za.net
Thu Sep 17 11:20:20 BST 2009


Yes, the Q signature is weird ;> I hope you don't have copyright? ;>

And regarding strong login passwords... that's true actually. I have
quite the weak login password, where my e-mail password for ex. is
mega strong.

I guess it's because you type the login password so many times you
make it weaker. Or you don't really care for someone accessing the
machine, and this way when you are somewhere else and need to instruct
someone to use your machine over the phone it's (a) easier to describe
the password (b) you don't hand out sensitive information

Further, once they're logged in they can't do jack without your
power-passwords. My Firefox password autofill database is also
protected with a strong password. Though I haven't really checked, but
is this database encrypted?! Because a strong password doesn't help if
someone can recover all my passwords anyway.

Q

On Thu, Sep 17, 2009 at 9:52 AM, Quintin van Rooyen
<quintin.vanrooyen at gmail.com> wrote:
> 2009/9/16 Quintin Beukes <quintin at last.za.net>
>>
>> For interest sake, how long did it take to recover the password? I
>> assume the password you forgot was given to you? Is this done with
>> brute force or is there a weakness (as in it being stored for purposes
>> of automation)?
>>
>> Q
>
> I remembered my old login password. I used it to recover my encryption key.
> I guess that for a 8digit password (like mine was) it will take at least a
> day or so to brute-force it (I had no special characters.)
>
> I wonder if it spits out a random key every time you enter an incorrect
> password or gives an error message.
>
> My point is that encryption keys are moot if the only thing keeping you from
> your data is the strength or weakness of your login password. How many
> people do you know with strong and proper login passwords?
>
> Regards
>
> Q
>
> (ps. I find it weird to answer a mail signed Q with a mail signed Q)
>
>>
>> On Wed, Sep 16, 2009 at 5:20 PM, Quintin van Rooyen
>> <quintin.vanrooyen at gmail.com> wrote:
>> > SOLVED!
>> >
>> > I went through a lot of troubleshooting to get this right.
>> >
>> > Here is a quick walk-through, might not be perfect though. You need to
>> > install ecryptfs-utils before doing this, and it is not available in the
>> > live environment until you do apt-get update.
>> >
>> > sudo aptitude install ecryptfs-utils
>> >
>> > sudo mount -t ecryptfs /home/username/.Private /home/username/Private
>> >
>> > I was asked what my passphrase was. Realised I forgots it :(
>> >
>> > So I mounted the drive, and did:
>> >
>> >
>> > ecryptfs-unwrap-passphrase ~/.ecryptfs/wrapped-passphrase "login passphrase"
>> >
>> > (Note that some of the symlinks may be broken, as it was in my case and
>> > I
>> > had to follow the broken symlinks to the correct file.)
>> >
>> > After running that command your passkey is spat out (you use your
>> > password
>> > that you used to log into Ubuntu (in my case)) in plain text.
>> >
>> > This in effect means that if someone can get hold of your harddrive with
>> > your entire installation they can run a brute force with this command
>> > until
>> > the correct passphrase is spat out. The wrapper-passphrase file is not
>> > in
>> > /home. I forget now where it was.
>> >
>> > After doing this I successfully mounted the file and browsed to it. I
>> > could
>> > see files, open images and so on but the filenames and extentions where
>> > horribly encrypted and for all intents and purposes useless.
>> >
>> > So I backtracked and did the following:
>> >
>> > Sudo mkdir /mount/encrypt (the name was so I could sanely identify the
>> > mounted drive)
>> > sudo mount /dev/sda6 /mount/encrypt
>> > sudo mount -o bind /dev /mount/encrypt/dev
>> > sudo mount -o bind /proc /mount/encrypt/proc
>> > sudo mount -o bind /sys /mount/encrypt/sys
>> >
>> > Then I chrooted into the drive:
>> >
>> > sudo chroot /mount/encrypt
>> >
>> > I then changed into the correct username:
>> >
>> > su - quintin
>> >
>> > and I was asked to enter my password. So I did (for the old install)
>> >
>> > I ran the ecryptfs-mount command and entered my (previously recovered)
>> > passphrase but was promptly informed that it was incorrect. So I had to
>> > tell
>> > the install what the correct one is by using:
>> >
>> > ecryptfs-add-passphrase --fnek
>> >
>> > I was prompted for the passphrase (the long monster of a thing that gets
>> > spat out if you ever decide to encrypt a drive)
>> >
>> > After that I ran:
>> >
>> > ecryptfs-mount-private and was asked for my passphrase again and I
>> > entered
>> > it. This time it was accepted and I could do a:
>> >
>> > cd $HOME
>> >
>> > After much churning and noise (the HDD is bad :() my files where
>> > displayed!
>> >
>> >
>> > I could now browse to the folder in nautilus (after Jaco Kroon helped me
>> > with something that I did not understand about chroot, thanks Jaco) and
>> > I
>> > could start copying the important stuff over.
>> >
>> > So there you are.
>> >
>> >
>> > Thanks for all the suggestions, and here are the howto's I followed, but
>> > they do not work in and of themselves:
>> >
>> >
>> > http://blog.dustinkirkland.com/2009/03/mounting-your-encrypted-home-from.html
>> >
>> >
>> > https://help.ubuntu.com/community/EncryptedPrivateDirectory#Recovering%20Your%20Data%20Manually
>> >
>> > --
>> > Quintin van Rooyen
>> > 0824772477
>> > quintin.vanrooyen at gmail.com
>> > The New SA Geek!
>> > http://blog.sageek.co.za
>> >
>> > --
>> > ubuntu-za mailing list
>> > ubuntu-za at lists.ubuntu.com
>> > https://lists.ubuntu.com/mailman/listinfo/ubuntu-za
>> >
>> >
>>
>>
>>
>> --
>> Quintin Beukes
>>
>> --
>> ubuntu-za mailing list
>> ubuntu-za at lists.ubuntu.com
>> https://lists.ubuntu.com/mailman/listinfo/ubuntu-za
>
>
>
> --
> Quintin van Rooyen
> 0824772477
> quintin.vanrooyen at gmail.com
> The New SA Geek!
> http://blog.sageek.co.za
>
> --
> ubuntu-za mailing list
> ubuntu-za at lists.ubuntu.com
> https://lists.ubuntu.com/mailman/listinfo/ubuntu-za
>
>



-- 
Quintin Beukes



More information about the ubuntu-za mailing list