Ubuntu – Can’t access the encrypted home folder

ecryptfsencryptionhome-directorypassphrasepassword

My problem is the following:

I decided to do an apt-get dist-upgrade. At first it said that it had to remove a lot of programs, which seemed a little suspicious, but I trusted the upgrade system. I said to myself "well, maybe there are dependencies issues, and it's easier for the update system to remove those programs and install the newer ones. We are in the year 2015, it probably knows what it's doing". Well, it didn't, since it deleted the OS basically.

So now my problem is the following: I can't recover my personal files because my home folder is encrypted, and I don't have the mount passphrase, only my user password. I searched all the web but I couldn't find anything that solved my problem. I tried booting from a live-cd and recover the passphrase with ecryptfs-unwrap-passphrase but it was worthless, because when I try, it asks me for my… passphrase (I tried my user password but it didn't work out).
I also tried using this script, but it only outputs unrecognized characters.

I tried the approaches suggested here but eventually they didn't work out, basically when I'm asked for my passphrase, which I couldn't recover yet with any of those methods.

Any suggestions?

EDIT: @zhongfu

I did that, and I get the following:

INFO: Found [MYUSER].
Try to recover this directory? [Y/n]: y
INFO: Could not find your wrapped passphrase file.
INFO: To recover this directory, you MUST have your original MOUNT passphrase.
INFO: When you first setup your encrypted private directory, you were told to record
INFO: your MOUNT passphrase.
INFO: It should be 32 characters long, consisting of [0-9] and [a-f].
Enter your MOUNT passphrase:

so we are back at square one. So I went to /media/xubuntu/f6c13be2-8045-4ec6-b1af-c1f2524de4ed/home/.ecryptfs/MYUSER/.ecryptfs and there is a file called wrapped-pashprasse, so apparently there is a wrapped passphrase, and I don’t know why it said that it couldn’t find it earlier. Next I did ecryptfs-unwrap-passphrase, I enter my account password, but I get the same result. I don't know what else to do.

I opened the wrapped passhprase file with gedit and got strange symbols mixed with hex values. If I could see correctly what characters the strange symbols are encoding, I could get the passphrase, but I don't know how.

I was thinking, maybe if I could get the binary representation of that file, I could convert those symbols into hex by myself, right?

Best Answer

You can try using ecryptfs-recover-private.

  1. Boot into your live CD, preferably an Ubuntu one of a newer version
  2. Mount the partition containing your home directory (either your root partition, or your /home partition if you have one)
  3. In your terminal, navigate to the directory containing your home directory (should be something like /media/PARTITION_UUID/home)
  4. Run ecryptfs-recover-private USERNAME. It should prompt you with a few questions, and if it's successful, it will return a directory to which your home folder is mounted read-only. (e.g. /tmp/ecryptfs.Jd7xE2Bd)
Related Question