Ubuntu: Mount encrypted home directory

by Lorenz Bausch Posted on February 3, 2016

After changing harddrives I needed to transfer some files from the old harddrive which had an encrypted home directory. The command

sudo ecryptfs-recover-private

did not work:

sudo ecryptfs-recover-private /home/.ecryptfs/user/.ecryptfs/
INFO: Found [/home/.ecryptfs/user/.ecryptfs/].
Try to recover this directory? [Y/n]:
INFO: Found your wrapped-passphrase
Do you know your LOGIN passphrase? [Y/n]
INFO: Enter your LOGIN passphrase...
Passphrase:
Inserted auth tok with sig [f7402d552edaa194] into the user session keyring
mount: mount(2) failed: No such file or directory
ERROR: Failed to mount private data at [/tmp/ecryptfs.p3BXsWqk].

http://askubuntu.com/a/36783 pointed me in the right direction. First mount the old hard drive in the new Ubuntu installation. Then run

sudo ecryptfs-add-passphrase --fnek

to add the corresponding passphrase (32 digits). Remember the second sig and mount your directory with

sudo mount -t ecryptfs /mnt/oldhome/.ecryptfs/me/.Private /mnt/oldme

You will need to answer some questions. The suggested default works except for the following two questions:

Enable filename encryption (y/n) [n]: y

and

Filename Encryption Key (FNEK) Signature [aaaaaaaaaaaaaaaa]: bbbbbbbbbbbbbbbb

In my case some warnings were shown saying that encryption may not have worked properly and if mounting should continue. Despite those warnings all files were accessible.

This entry was posted in Ubuntu. Bookmark the permalink.