On 12.04 LTS x64, I changed my user password via the User Accnts tool. After that I was unable to login again with my new password since my home directory is encrypted and the above-described bug does not allow decryption of the home directory with the new login password.
The passphrase to decrypt the home directory is saved in a folder on my encrypted home directory.
Is there any way to recover this passphrase and unlock my home directory?
Do not have separate record of the decryption passphrase. I still have a functioning Guest Account to which I have access, but I am not clear whether I can somehow gain access to the files in my encrypted user home directory while logged in as Guest and without having the decrypt passphrase. Please advise asap.
Best Answer
If you're using
ecryptfs
(it's the standard way to encrypt home folders, so probably are) then when you changed your user password you lost automatic access to your encrypted home (as you discovered). That should not have happened with most regular ways to change your password (likepasswd
), they're supposed to use PAM to update the encryption automatically (but not if an administrator changes/resets the password, or it wouldn't be secure).ecryptfs
actually recommends that you keep a backup copy of the actual passphrase it uses (it's not your login passphrase, but it is encrypted or "wrapped" with your login passphrase) just in case something happens to the wrapped passphrase file you're referring to.But using
ecryptfs-unwrap-passphrase
you should be able to find out the actual ecryptfs passphrase.Using
ecryptfs-rewrap-passphrase
you could use your old user passphrase to "unwrap" the ecryptfs passphrase, then "re-wrap" it it with your new user passphrase. Here's a clip from it'sman
page:But I'd make a backup copy of any files before running that on them. (ps. you don't need to use the
printf...
format, it works just runningecryptfs-rewrap-passphrase [file]
if you don't mind typing the passphrases).And you could run
ecryptfs-recover-private
to just mount any ecryptfs encrypted private folders it finds, then backup/copy, etc.See
man ecryptfs
and theman
pages for all theecryptfs-...
tools for some more info. And archlinux's wiki has some pretty good info at https://wiki.archlinux.org/index.php/ECryptfs