ecryptfs team mailing list archive

Thread
Date

[Bug 305882] Re: ecryptfs private wrapped passphrase with wrong password during password change

To: ecryptfs@xxxxxxxxxxxxxxxxxxx
From: Vernon Tang <vt@xxxxxxxxxxxx>
Date: Mon, 12 Jan 2009 07:29:33 -0000
Reply-to: Bug 305882 <305882@xxxxxxxxxxxxxxxxxx>
Sender: bounces@xxxxxxxxxxxxx

victim@stupid:~$ ecryptfs-unwrap-passphrase ./.ecryptfs/wrapped-passphrase 
Passphrase: password
Warning: Using default salt value (undefined in ~/.ecryptfsrc)
(passphrase)victim@stupid:~$ passwd
Changing password for victim.
(current) UNIX password: password
Enter new UNIX password: a
Retype new UNIX password: a
You must choose a longer password
Enter new UNIX password: a
Retype new UNIX password: a
You must choose a longer password
Enter new UNIX password: a
Retype new UNIX password: a
You must choose a longer password
passwd: password updated successfully
victim@stupid:~$ ecryptfs-unwrap-passphrase ./.ecryptfs/wrapped-passphrase 
Passphrase: password
Warning: Using default salt value (undefined in ~/.ecryptfsrc)
Error: Unwrapping passphrase failed [-5]
Info: Check the system log for more information from libecryptfs
victim@stupid:~$ ecryptfs-unwrap-passphrase ./.ecryptfs/wrapped-passphrase 
Passphrase: a
Warning: Using default salt value (undefined in ~/.ecryptfsrc)
(passphrase)victim@stupid:~$ su victim
Password: a
su: Authentication failure
victim@stupid:~$ su victim
Password: password
victim@stupid:~$

-- 
ecryptfs private wrapped passphrase with wrong password during password change
https://bugs.launchpad.net/bugs/305882
You received this bug notification because you are a member of eCryptfs,
which is subscribed to ecryptfs-utils in ubuntu.

Status in “ecryptfs-utils” source package in Ubuntu: Incomplete
Status in “pam” source package in Ubuntu: New

Bug description:
Binary package hint: ecryptfs-utils

To reproduce:

1. On command line, attempt to change your password to a weak password (like "yes").
2. Actually change your password to a strong password.

I found that ecryptfs wrapped the passphrase in the weak password instead of the final password I chose.

Description:	Ubuntu 8.10
Release:	8.10

ecryptfs-utils:
  Installed: 53-1ubuntu12
  Candidate: 53-1ubuntu12
  Version table:
 *** 53-1ubuntu12 0
        500 http://mirrors.us.kernel.org intrepid-updates/main Packages
        100 /var/lib/dpkg/status
     53-1ubuntu11 0
        500 http://mirrors.us.kernel.org intrepid/main Packages

Follow ups

Re: [Bug 305882] Re: ecryptfs private wrapped passphrase with wrong password during password change
From: Dustin Kirkland, 2009-01-12

References

[Bug 305882] [NEW] ecryptfs private wrapped passphrase with wrong password during password change
From: jpritikin73, 2008-12-07