Ubuntu – view the password of a mounted encrypted volume

bootencryptionlukspassword

First: yes, this was stupid, I know

A couple weeks ago I set up a new Ubuntu 18.04 machine, and included full disk encryption. It's been running since then, just locked at night. Today I was about to reboot it to update some software, and realized I wasn't entirely certain what the boot password is. (Well, at first I was certain I didn't remember it, but now I think I've remembered it.) Still, I'd like to be sure before I reboot.

I saw a post that said that ecryptfs-unwrap-passphrase should get me the information, but running it (with or without sudo) gets me a stat: no such file or directory error. I've found a video that shows me how to extract the master key and add a new passphrase, but I worry I'll screw something up and have to start over anyway.

Any help?

Best Answer

Full disk encryption uses cryptsetup to manage LUKS encrypted devices and not ecryptfs and ecryptfs-unwrap-passphrase is a part of ecryptfs-utils which I guess is not installed on your system and has nothing to do with your setup and encrypted volume.

The answer to your question is: No you can not see the passphrase of an encrypted LUKS volume.

What I suggest is using:

sudo cryptsetup open /dev/sdXY new_mapper

which /dev/sdXY is your encrypted partition, it will ask for your user password (sudo) and then for the passphrase. try different possible passphrases to find the correct one.

If your passphrase was wrong you will get an error:

No key available with this passphrase

otherwise (if it was correct) an message will show up complaining that device is already in use. then you are good to go and safe to reboot knowing what your passphrase is.