How to change ecryptfs (home cripted filesystem) password on ubuntu and get your files back

ubuntu

locked hard disk

Have you ever tried to change your user password in a pc with crypted home folder. Well, after doing it you will be not able to access your files anymore cuz your login password now defers from the password to open the ecryptfs of your home directory. Don’t worry! You can easily fix it just doing:

ecryptfs-rewrap-passphrase /home/.ecryptfs/$USER/.ecryptfs/wrapped-passphrase

It will ask for your old password and for the new one. Then just logout and login again and your documents will be decrypted automatically.

So when you change your user password (eg with passwd) remember to run also the command above!

Previous
How to install psycopg2 under virtualenv
Next
How to integrate mongoengine in pyramid
  • I am confused on one point. Which of the following is true:

    1. Upon the initial run of ecryptfs-setup-private, ecryptfs generates an encryption key (known as the ‘wrapping passphrase’) to encypt all files, then wraps (encrypts) that key using the usual login password.

    2. Upon the initial run of ecryptfs-setup-private, ecryptfs generates a secret encryption key to encypt all files, then wraps (encrypts) that key with the wrapping passphrase, then wraps (encrypts) the wrapping passphrase with the login password.

    3. Some other explanation.

  • From the manpage of ecryptfs-rewrap-passphrase i read:

    ecryptfs-rewrap-passphrase – unwrap an eCryptfs wrapped passphrase, rewrap it with a new passphrase, and write it back to file.

    So it’s seems we are in case 1 🙂 but if you look at the sources of that program you will figure out what it does for sure.

    See ya

  • Thanks a lot, this fixed two of my problems I ran into after installing Mint yesterday. The other was the shutdown button and restart from the login-screen. They wouldn’t work either, but now do as expected.

  • Thanks for the tip! It should actually be this though:

    ecryptfs-rewrap-passphrase /home/$USER/.ecryptfs/wrapped-passphrase

Leave a Reply

%d bloggers like this: