Ubuntu Security :: How To Recover Encrypted Home Partition
Apr 26, 2010
While setting up my laptop on a new hard drive (a bad mobo caused writes which pretty much rendered teh old hdd unusable) I was asked if I wanted to encrypt my home partition.
I've been wanting this for several years - even going as far as trying to get a copy of CheckPoint. That's waht my organization uses on all Wintendo laptops and is required.
In any case, I said "yes" and am happily using my laptop with an encrypted home partition. I'm assuming based on this - [URL] - that it is using EncryptFS as the scheme.
if I were to misplace my laptop, how easy would it be for a forensics team to retrieve my data. Let's assume I have a fairly strong passphrase, such as BisZumBitterenEnd3. [URL]
View 5 Replies
ADVERTISEMENT
May 3, 2010
I had some major problems after the recent Ubuntu upgrade and had to boot from a live cd. I have a separate /home partition, but it was encrypted using the default install encryption in the 9.10 install cd. How can I get to my files so I can back them up?
I have tried this but it did not work: http://ubuntuforums.org/showthread.php?t=1337693
View 9 Replies
View Related
Nov 26, 2010
I logged in to Recover Mode ("Drop to root shell prompt") this morning to do something. Naturally, I wanted access to my encrypted home folder.
The README file says to run ecryptfs-mount-private. However, that command returns an error:
"ERROR: Encrypted private directory is not setup properly."
This cannot be correct, because if I log in normally, I get my home folder without any problem.
How can I access my encrypted home folder when I boot via Recover Mode?
View 2 Replies
View Related
Apr 11, 2010
What are the steps I must take to move my existing home folder to a separate, encrypted partition? Can I create this partition without damaging my current partition? Where is a trusted location to download App Armor profiles? What else can I do to harden the security of Ubuntu?
View 1 Replies
View Related
Nov 22, 2010
Dummy me let root run out of space because I didn't know to use logrotate. I was able to compress the system logs but not before the damage was done me thinks; now the computer is unbootable. I booted from a LiveCD and got my old partitions mounted under /media/oldroot to try and recover files; however, I forgot that I had encrypted my home. I found [URL] and was following it; however, I seem to run into a bunch of path issues after I chroot.
The chroot command returns:
bash: groups: command not found
The su command returns:
-su: cut: command not found
-su: getent: command not found
-su: expr: command not found
-su: groups: command not found
Finally, the ecryptfs-mount-private command returns:
-su: ecryptfs-mount-private: command not found
I have separate partitons for /, /home, /tmp, /usr, and /usr/local and bothered to mount the first 2. (If only I had been ambitious enough to create a /var). I was running Ubuntu 10.10.
View 1 Replies
View Related
Jun 14, 2011
so, after long time of succesfull use of kubuntu, i encountered a 1st major disaster yesterday while using kphotoalbum. It has somehow frozen my machine in so mighty way, that it apparently corrupted a directory with majority of my pictures , which now appears to be empty .My home lies on a separate partition, its encrypted aand using btrfs and I am using kubuntu 10.10. So, could anyone give me some clues how to unencrypt my home partition, that i could obtain an image of partition or whatever else usable for photorec to check for pictures?
View 5 Replies
View Related
May 16, 2011
I upgraded from ubuntu 9.10 to 11.04. During installation (Natty) I chosen the option to encrypt the home folder. After a day the system crashed. It was showing that disk is having health problems. If I boot from live cd then i cant access the home folder. When I tried to mount the home folder, it says "Reading directory: input/output error"
Because I used Karmic without problem I reinstalled the Karmic, then I can mount the home folder, but cant access it as it was encrypted.Now Karmic is installed. I tried to boot from Live CD of Natty and tried to mount /home folder, it says some super-block issues.How to access the files in the home folder?
View 4 Replies
View Related
Jan 29, 2010
Well the title says it all. Royal screw-up! I accidentally formatted two Windows partitions inside a Pointsec encrypted hard drive using gparted from a liveCD (in USB). Is there a way to recreate these partitions? If not the whole partition, at least be able to recover everything inside My Documents.I ran TestDisk and it will not see any of the two partitions that existed in the drive.
View 1 Replies
View Related
Oct 11, 2010
I am facing a serious problem.I installed UBUNTU 10.04 and encrypted it during installation. I accidentally erased some of the necessary files from root folder. now the the OS is NOT booting.luckily i still have the encryption key i have some important documents in that drive (desktop folder).
PS: I have tried to run Live Ubuntu it shows the Root, but it does not enter any of the folder.
View 14 Replies
View Related
Mar 15, 2010
During the installation of Ubuntu Karmic, I picked the option that encrypts my home directory.
A few questions:
(1) Shortly after installation, I was asked to run a command to print a key necessary for data recovery from a rescue CD. I didn't run it at the time and am now looking for the command to run. What is it?
(2) I think I read somewhere that this also encrypts swap. Great. Correct me if that's wrong.
(3) If I suspend the machine, is my home directory encrypted? That is, if I have this on a laptop and travel with the suspended laptop and someone steals it, are my data safe, or not?
(4) I assume the weakest point in the system is my relatively short login password (but I think the install tests it and found it okay). Is there a recommendation how long this should be?
View 3 Replies
View Related
Jul 10, 2010
I have a dual boot WinXP / Kubuntu system. Recently, I tried to upgrade from 9.10 to 10.04. I have my Kubuntu partition set up with separate partitions for / , /home , and swap. Naturally, I wanted to wipe the slate clean, so I formatted / and left /home alone before doing the install. However, my /home partition was encrypted with the standard crypto that you get when you install. I just deleted the way in by wiping my / partition. Now all of my files are on my drive but encrypted. I do have the unencrypted passphrase given to me when the hard drive was first encrypted, so I am sure there is some way to get my files, but I am unsure how to apply it.
View 9 Replies
View Related
Aug 30, 2010
I have stupidly and inadvertently formatted my home partition on my other system while trying to 'downgrade' to Ubuntu 9.10. I have isolated the hard drive and am currently using Testdisk to discover the partitions on there. The scan hasn't yet finished however it appears there are two entries of each partition.
Here:
Linux 0 1 1 4012 254 57 64468776
Linux 0 1 1 4012 254 57 64468776
Linux 4013 0 1 14032 254 59 160971296
Linux 4013 0 1 14032 254 59 160971296
Linux 9079 0 1 14032 254 61 79586008 [home]
Linux 9079 0 1 14032 254 61 79586008 [home]
When attempting the downgrade, I was wanting to keep the home folder (and root and swap) all at the same size. I am pretty sure I fouled up by trying to revert the file system type to ext3 from ext4. Which partition out of the two 'home' ones, I should be attempting to keep? I cannot see a difference between them but this is how testdisk has reported the drive. Apart from the standard 'back up everything next time' and more fitting for me 'pack up your PC and never use it again!', does anyone have any specific advice on recovering my original home partition?
View 1 Replies
View Related
Mar 9, 2010
I just installed 9.10 on my laptop and selected the option for home folder encryption. I am running DropBox and placed the DropBox folder on my desktop (meaning it should be encrypted when I am logged out.) So I have two questions:
1) Shouldn't this setup cause my DropBox files on the server to be encrypted? Apparently they are not because they appear as unencrypted text using the DropBox Web interface.
2) If they were encrypted on the server (which doesn't appear to be the case right now), how would it be possible to share them with another client unless the encryption on both clients were set up identically?
View 7 Replies
View Related
Jun 11, 2010
I'm using 10.04 with encrypted home dir. I think the behavior below is wrong:
I can log in as root and change user's password. After that the user can log in using new password, which is normal, but it can also decrypt its home dir using the new password, which is dangerous. Assume I lost my computer. This encrypted home dir will not protect my private data because whoever gets the computer can boot it up with a livecd and chroot to change my user's password and then boot up my system and log in using new password.
View 3 Replies
View Related
Jul 19, 2010
Let's begin from the top. I have a relatively new laptop that I've been running Ubuntu on (along with a little-used Windows boot). Picked it up in November or so, installed the current "latest" version of Ubuntu at the time (9.10). I have been doing incremental upgrades, and it's been progressively breaking down more and more. Yes, this includes 10.04.
After GRUB stopped working, I decided it was time to try a reinstall from the top. I told it to leave all the other operating systems alone and do a full reinstall.
Fortunately, I had managed to stuff most of my current work in duplicate locations during this whole debacle, somehow. Don't ask me how I managed to do that when GRUB wasn't working. However, when I installed, I conscientiously said "Oh, yes, Ubuntu, encrypt my home folder! I love privacy!" As a result, about... 30 gigabytes of useful (but ultimately re-downloadable) material is rather inaccessible at the moment. When I try to boot the old system using the newly fixed GRUB, it goes into kernel panic. This seems like a no-go.
I have a saved hojillion-character long passphrase for decryption from my install back in November. Conscientiously saved in the case of just such an emergency.
I read this how-to and followed it to the letter as far as I could tell, trying to mount with ecrytfs to recover my data.
[USERNAME] here is a proxy for my actual username. Yes, the location of my old home folder may seem a little bizarre.
Code:
sudo mount -t ecryptfs /media/c82ca9fe-2b15-4aca-a98d-6482b1d80a32/home/[USERNAME]/ /home/[USERNAME]/oldhome
Passphrase:
Select cipher:
1) aes: blocksize = 16; min keysize = 16; max keysize = 32 (not loaded)
[Code].....
View 9 Replies
View Related
Nov 13, 2010
I've just reinstalled my box with an encrypted home (used the encrypt home option when installing). I have a query in this regard - suppose I lose the box. Won't it be possible for someone to drop into root, reset my passwd and then access my /home. Is there anyway of having a different passwd for accessing /home? My ~ is on a different partition from /.
View 3 Replies
View Related
May 26, 2010
I have an Acer Aspire One, Model ZG5 (also known as the 110 with 8GB SSD) which originally came with Linpus Lite installed on it.
I previously had 9.10 installed which was great, but I've done a fresh install of UNR 10.04 since I had a full /home partition and wanted to set up with more space.
This time, I opted for a larger /home drive (~4GB) and also to have it encrypted, which is a good idea for netbooks given their portability (and I have no idea why I didn't do it before!). Since I had very little space on my 8GB drive (if I wanted a larger /home) then I installed /home onto a separate partition, which is located on a 16GB SD card which lives in my machine permanently.
Installation was a breeze, and encryption seems to work fine. I have verified it and it seems to be working. However, I've now hit two related problems - one of which is to do with Thunderbird, and one which is an issue with the encrypted /home drive.
Firstly, I have a large gmail account which I like to replicate offline in Thunderbird (am using v 3.0.4). My online gmail tells me that I'm using 1.4GB of data space online. Using the old T'bird (v2.whatever) my offline T'bird storage was approximately the same size. This is not now true of my current offline storage file size, which is showing at 3.2GB for the same data. I started with a clean slate, just installing T'bird, setting up my account and then leaving it to download all data from Google.
Anyone know why this offline size is so much bigger than the online storage size or even the previous offline storage size?
Secondly, the encrypted /home drive. Given that I needed I put this on a separate card and partition, I had hoped to escape any issues with not having enough space. However, my system is now telling me that /home is out of space...
Specifically, I can see that I have used 3.6 of my 3.8GB storage for /home. This is due to the large size of my offline storage folder.
As I see it, I need to do one of two things (possibly both) - reduce the size of my offline e-mail storage, and increase the size of my /home partition.
Reducing the offline storage will be about finding out why it's so big in the first place.
However, if I wanted to increase the size of my encrypted /home file how would I do this? I have used gparted to make additional space after it - so I could increase the size if it's possible, but I am a little concerned.
If I just increase the size of the partition, would this work? Are there issues with the fact that it's an encrypted partition? What should I be aware of if I wanted to increase an already in-use partition, and how should I best go about this?
Do I need to do it from a live USB image?
View 2 Replies
View Related
Dec 17, 2010
I'm wiping out / on an Ubuntu box but want to keep everything in /home/, which is mounted on a different partition. Using Code: ecryptfs-unwrap-passphrase ~/.ecryptfs/wrapped-passphrase I have unwrapped the passphrase, resulting in a ~25 character alphanumeric string. Is it possible for me to install from a disk and give the installer the (current) passphrase so that it will automatically mount my home directory?
View 3 Replies
View Related
May 2, 2011
My hard drive has the following partitions:
/dev/sda1 ntfs (reserved for system)
/dev/sda2 ntfs (win7)
/dev/sda3 extended partition with the following:
[code]....
View 3 Replies
View Related
May 2, 2011
i was using 10.10 and this disaster occured when i tried to install 11.04 replacing 10.10. i have a separate home partition, while installing 11.04 i chose one weird option called "encrypt home partition"i didnt chose to format the home partition but once the installation is over, i have all my data lost in home directory.Is ther any chance that i could get the 165 gb junk data or atleast some 200 mb of important data
View 1 Replies
View Related
Jul 20, 2010
I want to carry Ubuntu with me everywhere on a LiveUSB but I want to encrypt the home with a strong passphrase in case it is lost or stolen. How do I do that?
View 1 Replies
View Related
Aug 28, 2010
I would just like to know how to, and know if its secure to run the following programs WHILE LOGGED OUT of Ubuntu: openvpn, deluge, and if it can be securely done while the home directory is encrypted.
View 6 Replies
View Related
Mar 18, 2011
I would like to give a few students a preconfigured Ubuntu USB stick with certain apps. I also encrypted the home folder in case of loss.
With TrueCrypt, cloning an encrypted container would be a big no-no because any one could just backup their header with a known pw and use it to decrypt anyone else's container due to each container using the same master key. I assumes the same applies to home folder encryption, yes?
Is there a way, other than creating a new user with home folder encryption, of forcing a master key change?
View 8 Replies
View Related
Aug 16, 2011
while since I've been here. I'm having an issue with a fresh install of 11.04. Due to work requirements, I encrypted my home folder, which is fine, however, it seems to randomly lock itself down while I'm working, and it's getting really annoying.
Apps stop working, I can't open nautilus (something about not being able to create certain folders because home is locked), hell, even the terminal link on my desktop says failed to launch application (though the launcher on the top panel works). I just have to run ecryptfs-mount-private and enter my password to fix it, but it's doing this every 15 minutes or so. what might cause it to relock itself so frequently? I would expect to not have to deal with mounting my private data, that should happen at login and be good until log out.
View 3 Replies
View Related
Jul 17, 2010
Around six months ago (last time I reinstalled Ubuntu 9.10), on a whim I decided to check that option to "encrypt [my] home directory". I wanted to see what it was like. Mistake. Since then, I've been unable to figure out how to access the data in my home directory using any method besides booting the computer (usb drive, rip-out-and-stick-it-in-an-enclosure, etc.). Specifically, I find that shell script sitting there that tells you to run it in order to see your files, but it gives some kind of error. I also still have the code Ubuntu tells you to write down in order to decrypt your files.
Fast forward to this past week. I brought in the laptop to Best Buy for repairs to the hinge (the hinge! Ace Hardware could fix this problem! But I wanted to make full use of the service plan.), and I got a phone call a few days later, saying that it hit Best Buy's "No Lemon" policy. They were going to keep my computer and give me in-store credit toward a new one. Of course, I refused to pay ~$70 for them to back up my data for me; what could possibly happen to it when they were fixing a hardware problem?
Anyways, I pleaded with them for my hard drive back, and they said that they could ship the hard drive back to the store so I could get my data off of it. I'm planning on going in there with my external backup hard drive and an external enclosure and doing it myself at the counter (If they charge $70 to back up a Windows partition, how much more will they charge for an encrypted Linux one?). I don't want to embarrass myself by standing around and not being able to get into my own data.
View 7 Replies
View Related
Jul 24, 2011
First off I'm new to the openSUSE community and would just like to say So, to the issue at hand. I recently switched to openSUSE 11.4 from Debian. I noticed the setup didn't have an option encrypt the home folder like it does in Debian, so not being aware of any other way to encrypt it, I created a new partition, backed up my current home directory, created a new partition and mounted it as home before copying in the contents of the backup to the encrypted home partition I created. Now of course it is askingme to put the crypto password in at each boot, which isn't ideal because it's a family machine and no-one would remember the password but me. Is there any way of being able to automount the encrypted partition without having to put the key in every time? Or better yet an encrypted home folder that doesn't require the key to be put in on each login (as in Debian) without even using a dedicated partition.
View 4 Replies
View Related
Jan 3, 2010
Not using filename encryption when you create a new encrypted folder is easy, but how to disable it in the home encryption that is automatically set up by the Karmic installation CD?
View 1 Replies
View Related
May 17, 2010
If I wanted to transfer a home folder that was encrypted to another ubuntu computer could I? If I had a separate home partition that was encrypted, but I wanted to upgrade ubuntu to the latest version by doing a clean install is there an easy way so that I can still read the data encrypted with the old version?
View 5 Replies
View Related
Aug 17, 2010
Lately i just reformatted my laptop again and created a encrypted home drive using the default.It prompt for my password and then i key it into the terminal.Then the terminal closed it.How to justify that the home drive is encrypted and decrypted during login?Beside that,if it is encrypted and what kinda extension is drive gonna?Apart from that,i used cryptkeeper to create a encrypted folder.How do i know if the folder is encrypted beside it prompt for me to enter my password?
View 7 Replies
View Related
Jan 30, 2011
After buying an IBM/Lenovo USB fingerprint reader model FP06 and installing Fingerprint GUI, have problems to mount my home folder encrypted with eCyptfs. I was using it since the first time i install Ubuntu 10.10 64 bits. After login from GDM, there are some ways to make it work:
1) open a terminal window and type ecryptfs-mount-private. This decrypt the home folder, but need to logout and login again to my personal preferences can be reached (bookmarks in nautilus, in firefox, etc). Each time the PC is rebooted, the same process is needed to made again.
2) before login in GDM, change to a tty1 terminal (ctrl-alt-F1) and login from here. The personal folder decrypt then without problems. Then change to GDM (ctrl-alt-F, login an everything works fine. What could be the fault from GDM to not mount the encrypted folder?
View 8 Replies
View Related