ecryptfs team mailing list archive

Thread
Date

[Bug 322123] Re: After moving home directory to different computer ecryptfs-mount-private reports error

To: ecryptfs@xxxxxxxxxxxxxxxxxxx
From: Dustin Kirkland <dustin.kirkland@xxxxxxxxx>
Date: Wed, 18 Mar 2009 22:55:21 -0000
Reply-to: Bug 322123 <322123@xxxxxxxxxxxxxxxxxx>
Sender: bounces@xxxxxxxxxxxxx

Hi David-

So I'll record the rest of our conversation here, and convert this "bug"
into a "question".

The tools you actually need are:
 * ecryptfs-rewrap-passphrase
 * ecryptfs-insert-wrapped-passphrase-into-keyring

After moving your passphrase from the first machine to the second, you should manually rewrap the passphrase on the second machine.  You will need your "old" login passphrase from the first machine, and your "new" login passphrase from the second machine:
 $ ecryptfs-rewrap-passphrase $HOME/.ecryptfs/wrapped-passphrase

Then, you'll want to run:
 $ ecryptfs-insert-wrapped-passphrase-into-keyring $HOME/.ecryptfs/wrapped-passphrase

This will get your mount passphrase into the keyring.  At this point, you should be able to run:
 $ ecryptfs-mount-private

:-Dustin

** Changed in: ecryptfs-utils (Ubuntu)
       Status: New => Invalid

** bug changed to question:
   https://answers.edge.launchpad.net/ubuntu/+source/ecryptfs-utils/+question/64587

-- 
After moving home directory to different computer ecryptfs-mount-private reports error
https://bugs.launchpad.net/bugs/322123
You received this bug notification because you are a member of eCryptfs,
which is subscribed to ecryptfs-utils in ubuntu.

Status in “ecryptfs-utils” source package in Ubuntu: Invalid

Bug description:
STEPS TO REPRODUCE:

1) You need to have an installation of Ubuntu 9.04 and 8.10 with the same username but different login passphrases. When you set up your private directory on 9.04 be sure to use a different mount passphrase then your login passphrase.
2) Migrate /home directory from a computer running 9.04 Alpha 3 to a computer running 8.10
3) Install ecryptfs-utils
4) run ecryptfs-mount-private 
5) error is produced:
Error attempting to unwrap passphrase and insert into the user session keyring; rc = [-5]. Check the system log for more information from libecryptfs.

WORKAROUND:
By editing the ecryptfs-mount-private script slightly, and executing it, it asks for the login passphrase (for the first 9.04 computer) and mounts the ~/Private directory. I attached a diff between the edited version and the original version.

TERMINAL OUTPUT:
komputes@ubuntu:~$ ecryptfs-mount-private
Enter your login passphrase:
Unable to read salt value from user's .ecryptfsrc file; using default
Error attempting to unwrap passphrase and insert into the user session keyring; rc = [-5]. Check the system log for more information from libecryptfs.
komputes@ubuntu:~$ keyctl show
Session Keyring
       -3 --alswrv   1001    -1  keyring: _uid_ses.1001
853123054 --alswrv   1001    -1   \_ keyring: _uid.1001
komputes@ubuntu:~$ ./ecryptfs-mount-private
Enter your login passphrase:
Unable to read salt value from user's .ecryptfsrc file; using default
Inserted auth tok with sig [2144fec175f64989] into the user session keyring
komputes@ubuntu:~$ keyctl show
Session Keyring
       -3 --alswrv   1001    -1  keyring: _uid_ses.1001
853123054 --alswrv   1001    -1   \_ keyring: _uid.1001
986493151 --alswrv   1001  1001       \_ user: 2144cef175f69499


Dustin, there is no need to make a change, this is simply here as a record of the issue and the discussion we had.

References

[Bug 322123] [NEW] After moving home directory to different computer ecryptfs-mount-private reports error
From: komputes, 2009-01-27