← Back to team overview

ecryptfs team mailing list archive

  1. ecryptfs team
  2. Mailing list archive
  3. Message #00918

[Bug 359997] Re: after update, prompted with "Record your encryption passphrase"; get no confirmation from terminal

  Thread PreviousDate PreviousThread Next 
Maybe I did choose to encrypt the fs.  But my concern, and the reason
for this bug, is that the pop-up confused me.  It was not clear what the
purpose was.  Is this asking for my user password?  Or is it asking for
a master key that I can use to decrypt my directory in the event of OS
failure?  If so, it would be good to confirm the password twice rather
than once.

======================
$ mount | grep ecryptfs
/home/[username]/.Private on /home/[username] type ecryptfs (ecryptfs_sig=cc21271a0.......,ecryptfs_fnek_sig=c72a126b8.......,ecryptfs_cipher=aes,ecryptfs_key_bytes=16)

$ ls -aFl | grep ecryptfs
lrwxrwxrwx  1 [username] [username] 104 2009-02-08 10:10 .ecryptfs -> /var/lib/ecryptfs/[username]/
======================

So I attempted to run the command by hand, and it appears to be failing.
I tried my user login password, and also tried the passphrase that I had
used in the initial pop-up box above:

$ ecryptfs-unwrap-passphrase .ecryptfs
Passphrase:  [password]
Warning: Using default salt value (undefined in ~/.ecryptfsrc)
Error: Unwrapping passphrase failed [-5]
Info: Check the system log for more information from libecryptfs

/var/log/syslog:
Apr 14 06:48:13 [hostname] ecryptfs-unwrap-passphrase: Error attempting to read encrypted passphrase from file [.ecryptfs]; size = [4294967295]

-- 
after update, prompted with "Record your encryption passphrase"; get no confirmation from terminal
https://bugs.launchpad.net/bugs/359997
You received this bug notification because you are a member of eCryptfs,
which is subscribed to ecryptfs-utils in ubuntu.

Status in eCryptfs - Enterprise Cryptographic Filesystem: Incomplete
Status in “ecryptfs-utils” source package in Ubuntu: Incomplete

Bug description:
After running 'update-manager -d', the 'Information Available' window opened and provided the following message:
=======================
Record your encryption passphrase
To encrypt your home directory or "Private" folder, a strong passphrase has been autogenerated. Usually your directory is unlocked with your user password, but if you ever need to manually recover this directory, you will need this passphrase. Please print or write it down and store it in a safe location.
You can run the "ecryptfs-unwrap-passphrase" command now to do this. Enter your user password at the "Passphrase" prompt.
=======================
Run this action now     |     Close            |
=======================

I don't believe I chose to encrypt my fs when I installed Jaunty!

So I click the 'Run this action now' button and get a terminal window prompt:
Passphrase:

I enter a passphrase, and the terminal disappears.  The previous 'information available' message remains on the screen and doesn't acknowledge that anything has happened.  In fact, I can press the 'Run this action now' button as many times as I like, and enter different passphrases.  I don't get the point of this.  

Also, after entering a passphrase, it doesn't confirm that I didn't make a typo by asking me to re-enter it.

Follow ups

  Thread PreviousDate PreviousThread Next