Ubuntu – Recovering data from Private in an ecryptfs backup when the new home is also encrypted

ecryptfs

I have a backup of /home from my old system on an external drive. The ~ on my new system has full home encryption from ecryptfs. I want to decrypt the Private on the old home and copy its now-decrypted contents to the new home.

I actually have the ~/.Private and ~/.ecryptfs from the old system on my new system as well. I tried mounting it from there before, but it's not possible. I've confirmed with Dustin Kirkland (ecryptfs developer) that you can't have an encrypted home AND an encrypted private in use at the same time.

I tried mounting the backup drive over /home and running and ecryptfs-mount-private and entering my login password (same on old system and new), but ~/Private wasn't decrypted.

Best Answer

The best way to recover is by using the ecryptfs-recover-private utility from a LiveISO.

I say that because this will ensure that your recovery happens in a safe, repeatable, read-only environment.

That said, you certainly can run ecryptfs-recover-private on a running system. But I'd strongly recommend that you log out all instances of the user you're trying to recover, and then login as root or some other user.

Related Solutions

Ubuntu – Recovering eCryptfs partition with ecryptfs-recover-private not working

I figured out my problem. I was running the command and giving it my HOME directory, and for some reason it was saying it was successful in mounting it. However, it was lying. Turns out you need to run the command with the .Private folder that each user has, its located in

sudo ecryptfs-mount-private /home/.ecryptfs/<username>/.Private

The command is supposed to recurse and find that folder for you, but I was impatient and gave it my home folder. I'm not sure why it said it was successful when it clearly wasn't, but if you give it that .Private folder, and then enter your login password, it should mount it to a folder inside /tmp/ and you can do whatever else you want to do with the data =)

Ubuntu – Is ecryptfs only mounting private home directory over ssh

My comment above is the correct answer. Apparently writing everything out and then reading over it made something click in my head. Should anyone else find this with a similar problem, check to see what happens when you mount and unmount your private folder with 'ecryptfs-mount-private' and 'ecryptfs-umount-private' respectively. Each should reflect as a change in files displayed in your home directory. As ecryptfs prompts, you need to cd to /home/my_user to see the change reflected.

In my case to "fix" the problem I need to:

Log in over SSH as normal
Copy all contents of '~' to another location
Edit '~/.profile' to add 'ecryptfs-mount-private' at the end (prompts for password to decrypt home after successful SSH login)
Use 'ecryptfs-mount-private' to mount encrypted home
Change directory to home, even if it's the current directory (cd /home/my_user)
Copy files back into home directory
Profit!

Best Answer

Related Solutions

Ubuntu – Recovering eCryptfs partition with ecryptfs-recover-private not working

Ubuntu – Is ecryptfs only mounting private home directory over ssh

Related Question