Ok it looks like I need to do a fresh install of Ubuntu 10.04.2 because of this issue.
But still I need to get some files off of my encrypted /home directory!
So after a bunch of searching, I found a solution! So not a total loss. I mean yeah I have to format (lame), but at least I learn how to recover my encrypted /home directory in case of catastrophe, like a Kernel panic (-50 points Ubuntu).
All the credit goes to this guy’s (or gal’s) post on the Ubuntu Forums. And he or she gives credit to someone else, and life goes on.
So I will be pretty much copying the post, but I wanted to add value on the parts where I was confused in hopes that it makes it easier for someone else 🙂
I performed these steps on this machine:
- Ubuntu 10.04.2 64 bit (Lucid Lynx)
- Asus G73JW-A1 (RoG)
1. Boot from Live CD
2. Mount the hard drive or partition on which the encrypted home folder is stored. You can do this by browsing the Places menu; it will likely just be something like “100 GB Filesystem”, and it will be mounted to a directory similar to this “/media/04b67fb1-aafd-4082-aebc-493c509bdbe1”. (just an example)
3. Open a terminal window (Applications > Accessories > Terminal).
4. Enter this:
sudo ecryptfs-add-passphrase –fnek
Note: At this point, you will be asked for your Passphrase. The Passphase is NOT the password you used to log into your computer. The passphrase is that long-ass string of numbers and letters Ubuntu generates for you when you first log into your encrypted /home directory. I hope you wrote it down. (example: 32by422a4b8e9x0x455uea97774x9e04)
5. Now you will see output that looks like this:
Inserted auth tok with sig [9986ad986f986af7] into the user session keyring Inserted auth tok with sig [76a9f69af69a86fa] into the user session keyring
Note: Copy the second string of characters in the brackets (yours will of course be different from the example I’ve provided) and make a note of it. You’ll need it to decrypt the names of your files. (Note: In a terminal window, Ctrl+Shift+C is copy and Ctrl+Shift+V is paste.)
6. Create a folder on your Desktop to use as a mount point
7. Now your terminal should resemble this (remember Passphrase is to long-ass string I talked about above):
ubuntu@ubuntu:~$ sudo mount -t ecryptfs /media/04b67fb1-aafd-4082-aebc-493c509bdbe1/home/.ecryptfs/enter your username here/.Private Desktop/Mount Passphrase: Select cipher: 1) aes: 2) blowfish: 3) des3_ede: 4) twofish: 5) cast6: 6) cast5: Selection [aes]: Select key byes: 1) 16 2) 32 3) 24 Selection : Enable plaintext passthrough (y/n) [n]: Enable filename encryption (y/n) [n]: y Filename Encryption Key (FNEK) Signature [9986ad986f986af7]: 76a9f69af69a86fa (this was what you should have copied from above, paste it here) Attempting to mount with the following options: ecryptfs_unlink_sigs ecryptfs_fnek_sig=76a9f69af69a86fa ecryptfs_key_bytes=16 ecryptfs_cipher=aes ecryptfs_sig=9986ad986f986af7 Mounted eCryptfs ubuntu@ubuntu:~$
Note: The very last thing you might be asked is if you are sure you want to mount. If you think you entered the Passphrase wrong, or you think you messed up, type “no”. Otherwise type “yes”.
8. Ok, try to copy your files
- Press Alt + F2 on the keyboard
- Navigate to “/home/ubuntu/Desktop/Mount” and try and copy your files. If you cannot copy due to permissions, go to step 9
9. Now that is mounted you’ll need to change permissions so you can copy the files
- Press Alt + F2 on the keyboard
- In the terminal type:
sudo chown root -R /home/ubuntu/Desktop/Mount sudo chmod 755 -R /home/ubuntu/Desktop/Mount
- Try step 8, and you should be able to copy files if you were not able to earlier.
So that should do it! 🙂 If you have a better way, please comment 🙂
End of Line.