0

I installed Ubuntu and encrypted the home folder. Then I forgot the login password and tried to change it:

  • from the recovery mode, I've selected the root shell and at the prompt I entered:

    mount -rw -o remount /

    passwd username

    init 2

  • during the init 2 command the power cut off and the computer shut down. After restart I couldn’t login at all. Then I remembered the login password and tried to set it:

  • from the recovery mode,at the root shell prompt I entered:
    mount -rw -o remount /
    passwd username
    Restore the old password
    reboot
    Now I cannot login in the system any more.
    I attached the drive with the encrypted home folder to an Ubuntu system and navigated to the home folder. This is the folder tree structure of it:

home/adrian/cache/wallpaper/photo
...................../Access-your-Private-Data.desktop (Note:it’s a text file with the content:
..............................................................................[Desktop Entry]
..............................................................................._Name=Access Your Private Data
..............................................................................._GenericName=Access Your Private Data
...............................................................................Exec=/usr/bin/ecryptfs-mount-private
...............................................................................Terminal=true
...............................................................................Type=Application
...............................................................................Categories=System;Security;
...............................................................................X-Ubuntu-Gettext-Domain=ecryptfs-utils)
....................../ReadMe.txt (Note:it’s a text file with the content:
.............................THIS DIRECTORY HAS BEEN UNMOUNTED TO PROTECT YOUR DATA.

..............................From the graphical desktop, click on:"Access Your Private Data"
.............................or from the command line, run: ecryptfs-mount-private)

......................./.ecryptfs (Note: the file contains a broken link: it points to "/home/.ecryptfs/-adrian/.ecryptfs" the folder name “adrian” has been replaced with “-adrian”)
......................./.Private (Note: the file contains a broken link: it points to "/home/.ecryptfs/-adrian/.Private" the folder name “adrian” has been replaced with “-adrian”)

home/ecryptfs/adrian/.ecryptfs/auto-mount
..................................................../auto-umount
..................................................../Private.mnt
..................................................../Private.sig
................................................... /wrapped-passphrase
..................................................../.wrapped-passphrase-recorded

...................................../.Private (Note: the folder contains both folders and files with links that point to the folders- some links are broken they point to nonexistent folders: folders’ names have been corrupted again)

The followings are copied from a terminal window and from the “syslog” file:

adi@adi-1:/$ sudo ecryptfs-mount-private /media/adi/d2bc773c-93e3-43e2-b1bc-e2d2430030cb/home/.ecryptfs/adrian/.Private
[sudo] password for adi:
ERROR: Encrypted private directory is not setup properly

adi@adi-1:/$ sudo ecryptfs-recover-private /media/adi/d2bc773c-93e3-43e2-b1bc-e2d2430030cb/home/adrian/.Private
INFO: Searching for encrypted private directories (this might take a while)...
find: ‘/run/user/1000/doc’: Permission denied
find: ‘/run/user/1000/gvfs’: Permission denied

adi@adi-1:/$ sudo umount /run/user/1000/gvfs

adi@adi-1:/$ sudo umount /run/user/1000/doc

adi@adi-1:/$ sudo ecryptfs-recover-private /media/adi/d2bc773c-93e3-43e2-b1bc-e2d2430030cb/home/adrian/.Private
INFO: Searching for encrypted private directories (this might take a while)...
INFO: Found [/media/adi/d2bc773c-93e3-43e2-b1bc-e2d2430030cb/home/.ecryptfs/adrian/.Private].
Try to recover this directory? [Y/n]: Y
INFO: Found your wrapped-passphrase
Do you know your LOGIN passphrase? [Y/n] Y
INFO: Enter your LOGIN passphrase...
Passphrase:
Error: Unwrapping passphrase and inserting into the user session keyring failed [-5]

Syslog:

adi-1 ecryptfs-insert-wrapped-passphrase-into-keyring: Incorrect wrapping key for file [/media/adi/d2bc773c-93e3-43e2-b1bc-e2d2430030cb/home/.ecryptfs/adrian/.Private/../.ecryptfs/wrapped-passphrase]

adi-1 ecryptfs-insert-wrapped-passphrase-into-keyring: Error attempting to unwrap passphrase from file [/media/adi/d2bc773c-93e3-43e2-b1bc-e2d2430030cb/home/.ecryptfs/adrian/.Private/../.ecryptfs/wrapped-passphrase]; rc = [-5]

adi@adi-1:/$ sudo ecryptfs-unwrap-passphrase /media/adi/d2bc773c-93e3-43e2-b1bc-e2d2430030cb/home/.ecryptfs/adrian/.ecryptfs/wrapped-passphrase
Passphrase:
Error: Unwrapping passphrase failed [-5]

Syslog:

adi-1 ecryptfs-unwrap-passphrase: Incorrect wrapping key for file [/media/adi/d2bc773c-93e3-43e2-b1bc-e2d2430030cb/home/.ecryptfs/adrian/.ecryptfs/wrapped-passphrase]

The login passphrase is the right one and I used it to log into the system.
Does anyone know what to do next? Could I use R-linux to search for the previous versions of the files that are now corrupted and try to replace them with the original ones? Thanks for help, andrew

andrew262
  • 1
  • You probably need to erase and reinstall the system. Encrypted drives and partitions need the password to decrypt them. There's no accessing the drive/partition or changing the password without the password it was encrypted with. That's not just an access policy, the password is built into the encryption process. – pell Jul 15 '23 at 13:10
  • You may be able to delete just the partition that is corrupted and create a new one using fdisk or cfdisk. – pell Jul 15 '23 at 13:17

0 Answers0