Ubuntu Security :: Encfs: Preserve Timestamps On A Shared Encrypted Folder?
Mar 2, 2010
I would like to create an encrypted folder which can be shared by users included in the users group. To do so I used encfs:
Code:
cd somewhere
sudo mkdir encrypted visible
sudo chown root:users encrypted visible
sudo chmod 770 encrypted visible
encfs /somewhere/encrypted /somewhere/visible -o allow_other -o umask='007' -o uid='0'
Now if a user (included in users) creates a new document in the visible folder, that will be
Quote:
-rwxrwx--- 1 root users 0 2010-03-02 14:19 new file
While I would like it to be
Quote:
-rwxrwx--- 1 user users 0 2010-03-02 14:19 new file
Mounting encfs without the option uid='0' gives the same results, with the only difference that instead of root the owner is the user who mounted encfs. Also, copying a file owned by a different user rather than root goes the same way: for example, having in my home a file like
Quote:
-rwxr-x--- 1 me users 0 2010-03-02 14:30 myfile
and trying to copy it to the encrypted shared folder with
Code:
sudo cp -a -v ~/myfile /somewhere/visible
will give something like
Quote:
cp: failed to preserve ownership for `~/myfile': Operation not permitted
And the copied file on the shared encrypted folder will be as usual:
Quote:
-rwxrwx--- 1 root users 0 2010-03-02 14:30 myfile
Is there a way to mount encfs in order to preserve ownership?
Is there a way for my home folder to not be automatically mounted when I log in? And for that matter a way to change the password from my login password to something else?
I just installed 9.10 on my laptop and selected the option for home folder encryption. I am running DropBox and placed the DropBox folder on my desktop (meaning it should be encrypted when I am logged out.) So I have two questions:
1) Shouldn't this setup cause my DropBox files on the server to be encrypted? Apparently they are not because they appear as unencrypted text using the DropBox Web interface.
2) If they were encrypted on the server (which doesn't appear to be the case right now), how would it be possible to share them with another client unless the encryption on both clients were set up identically?
Let's begin from the top. I have a relatively new laptop that I've been running Ubuntu on (along with a little-used Windows boot). Picked it up in November or so, installed the current "latest" version of Ubuntu at the time (9.10). I have been doing incremental upgrades, and it's been progressively breaking down more and more. Yes, this includes 10.04.
After GRUB stopped working, I decided it was time to try a reinstall from the top. I told it to leave all the other operating systems alone and do a full reinstall.
Fortunately, I had managed to stuff most of my current work in duplicate locations during this whole debacle, somehow. Don't ask me how I managed to do that when GRUB wasn't working. However, when I installed, I conscientiously said "Oh, yes, Ubuntu, encrypt my home folder! I love privacy!" As a result, about... 30 gigabytes of useful (but ultimately re-downloadable) material is rather inaccessible at the moment. When I try to boot the old system using the newly fixed GRUB, it goes into kernel panic. This seems like a no-go.
I have a saved hojillion-character long passphrase for decryption from my install back in November. Conscientiously saved in the case of just such an emergency.
I read this how-to and followed it to the letter as far as I could tell, trying to mount with ecryptfs to recover my data.
[USERNAME] here is a proxy for my actual username. Yes, the location of my old home folder may seem a little bizarre.
Code:
sudo mount -t ecryptfs /media/c82ca9fe-2b15-4aca-a98d-6482b1d80a32/home/[USERNAME]/ /home/[USERNAME]/oldhome
Passphrase:
Select cipher:
1) aes: blocksize = 16; min keysize = 16; max keysize = 32 (not loaded)
[Code].....
What are the steps I must take to move my existing home folder to a separate, encrypted partition? Can I create this partition without damaging my current partition? Where is a trusted location to download AppArmor profiles? What else can I do to harden the security of Ubuntu?
I would like to give a few students a preconfigured Ubuntu USB stick with certain apps. I also encrypted the home folder in case of loss.
With TrueCrypt, cloning an encrypted container would be a big no-no because anyone could just backup their header with a known pw and use it to decrypt anyone else's container due to each container using the same master key. I assume the same applies to home folder encryption, yes?
Is there a way, other than creating a new user with home folder encryption, of forcing a master key change?
while since I've been here. I'm having an issue with a fresh install of 11.04. Due to work requirements, I encrypted my home folder, which is fine, however, it seems to randomly lock itself down while I'm working, and it's getting really annoying.
Apps stop working, I can't open nautilus (something about not being able to create certain folders because home is locked), hell, even the terminal link on my desktop says failed to launch application (though the launcher on the top panel works). I just have to run ecryptfs-mount-private and enter my password to fix it, but it's doing this every 15 minutes or so. What might cause it to relock itself so frequently? I would expect to not have to deal with mounting my private data, that should happen at login and be good until log out.
If I wanted to transfer a home folder that was encrypted to another ubuntu computer could I? If I had a separate home partition that was encrypted, but I wanted to upgrade ubuntu to the latest version by doing a clean install is there an easy way so that I can still read the data encrypted with the old version?
I logged in to Recover Mode ("Drop to root shell prompt") this morning to do something. Naturally, I wanted access to my encrypted home folder.
The README file says to run ecryptfs-mount-private. However, that command returns an error:
"ERROR: Encrypted private directory is not setup properly."
This cannot be correct, because if I log in normally, I get my home folder without any problem.
How can I access my encrypted home folder when I boot via Recover Mode?
After buying an IBM/Lenovo USB fingerprint reader model FP06 and installing Fingerprint GUI, I have problems mounting my home folder encrypted with eCryptfs. I have been using it since the first time I installed Ubuntu 10.10 64 bits. After login from GDM, there are some ways to make it work:
1) Open a terminal window and type ecryptfs-mount-private. This decrypts the home folder, but I need to log out and log in again so my personal preferences can be reached (bookmarks in nautilus, in firefox, etc). Each time the PC is rebooted, the same process needs to be done again.
2) Before login in GDM, change to a tty1 terminal (ctrl-alt-F1) and log in from here. The personal folder then decrypts without problems. Then change to GDM (ctrl-alt-F, log in and everything works fine. What could be the fault from GDM to not mount the encrypted folder?
I have an NFS share hosted at a file server for several machines. I set up an encfs encrypted file tree in this. First, I created a directory in the NFS mounted tree where I wanted the encrypted files to be stored (/home/nfs/phil/private). Second, I created a mount point where I wanted to access those files in the clear view (/home/phil/nfs-phil-private). Third, I mounted encfs with the simple command "encfs /home/nfs/phil/private /phil/nfs-phil-private". During this mounting, it asked me for a pass phrase to encrypt the files with. Fourth, I copied some files into "/phil/nfs-phil-private". I saw that files with cryptic names were created in "/home/nfs/phil/private", along with a file named ".encfs6.xml".
That was on one machine named "lorentz". Then I switched to another machine named "euler". I created the same mount point here (/home/phil/nfs-phil-private). I verified that /home/nfs/phil/private already existed, as did "/home/nfs/phil/private.encfs6.xml". So I tried the same "encfs /home/nfs/phil/private /phil/nfs-phil-private" command. This time it failed. Here is all the output up to the first prompt:
Code:
15:05:23 (FileUtils.cpp:375) Archive exception: stream error
15:05:23 (FileUtils.cpp:326) Found config file /home/nfs/phil/private/.encfs6.xml, but failed to load
Creating new encrypted volume.
[code]....
The first two lines certainly appear to be some kind of error. I can cat the .encfs6.xml files just fine, so I do have permission to read it. It had not even prompted me for a password, yet. Anyone know what the deal with this is? A possible cause is that the first encfs is version 1.6.1 (ubuntu 10.10 packaged as 1.6.1-1) and the second encfs is version 1.5.2 (ubuntu 9.10 packaged as 1.5.2-1).
I've been trying to share a folder with samba. This folder is the decrypted version of an encfs encrypted folder. Mounting the decrypted folder on the server is done automatically on login using gnome-encfs. Exposing the folder locally works like a charm. Now where I get stuck is trying to access the samba share from a client (even with smbclient on the server itself). I can see the share with smbclient -L:
tijm64@tijm64-HTPC:~$ smbclient -L 192.168.1.100
Enter tijm64's password:
Domain=[TIJM64] OS=[Unix] Server=[Samba 3.4.7]
[Code].....
I could not find details of what CryptKeeper was doing and I worked this out. It shows how to open and close CryptKeeper files using encfs from the command line. I hope this helps others.
Ubuntu karmic 9.10. CryptKeeper 0.9.4-1 encfs 0.5.2-1ubuntu1 also works in Mint8. Tom Morton author of CryptKeeper site: [url]
How Gnome Cryptkeeper works with encfs
In CryptKeeper create a new encrypted folder:
The directory above is created and also another hidden one called: /home/ian/.aaaaaaxxxxTestCryptKeeper_encfs which contains one hidden file called .encfs6.xml. As you create additional folders and files in the /home/ian/aaaaaaxxxxTestCryptKeeper additional folders and files with encrypted names are created in /home/ian/aaaaaaxxxxTestCryptKeeper 4L9KBI4IeoAKOoZ,IwzVyn2VPGysXt-JCbStUej5Ewnn90. These mirror any files and folders which you create in the encrypted directory except that their names and contents are totally encrypted.
The above CryptKeeper directory can be created anywhere within the Linux file system, for example, on another partition. In each case two directories are created within the parent (in this example /home/ian/), one with the original directory name, the other preceded with a "." and followed by "_encfs".
How to open a directory created with CryptKeeper using encfs.
Provided you copy the directory like .aaaaaaxxxxTestCryptKeeper_encfs and all its contents, it can be opened anywhere using the following command. (Note that full path names are needed.)
encfs /home/ian/.aaaaaaxxxxTestCryptKeeper_encfs /home/ian/aaaaaaxxxxTestCryptKeeper
The mount command will then show:
If /home/ian/.aaaaaaxxxxTestCryptKeeper_encfs does not exist you will be asked if you wish to create it and you will be asked for a password twice. (In this case it will not be in CryptKeeper unless you then import it.)
If it is a CryptKeeper file then it appears in CryptKeeper file list as opened and can be closed from there. To close from the command line type:
Note unmount will not work for these files.
Set up a few machines yesterday to test out some parallel code. Just for fun, I selected the "encrypt users files" option when setting up Ubuntu (10.10). I had never used the option in years past. Now I'm finding it a pain. EG., ssh requires me to already have a login to the machine before it will let me log in w/o a password (eg., using id_rsa.pub and authorized_keys).
Similarly, I have no reason to encrypt files on these machines. They're just crunching numbers. Is there an easy way to disable this? Or do I need to delete my original user and make another one (with all the su privileges, etc...) w/o an encrypted file system / home directory.
I'm running 11.04 (64 bit) and get the following in my syslog
[Code]....
1) Why is this happening
2) How can it be fixed
3) How can it be avoided
I installed Ubuntu 10.10 64 on my laptop with the entire 500gb setup as encrypted LVM. This has worked well for several months with no problems. During this time I have been backing up the data to an external usb drive (1tb) on a regular basis. The usb drive was not encrypted. So, I thought it would be a good idea to encrypt the backup drive too. I wiped out the backup drive and set it up as one large encrypted lvm and mbr. This seemed to work fine but immediately afterwards I decided to erase that and set it up as encrypted lvm guid instead of mbr. I couldn't delete it while logged into my desktop so I decided to do it from a bootable gparted usb stick. In gparted I erased the 1TB backup drive once again and planned on setting it up the way I wanted once I was logged back into my ubuntu desktop. Now I can't boot into my desktop with the following errors:
cryptsetup: evms_activate is not available b0d) does not begin with /dev/mapper/
Then after waiting for a few minutes I get an error followed by (initramfs)
When booting from a live version of ubuntu the 250MB boot partition is recognized and the 500 partition is there but it is labeled as empty/unused.
Also, I did choose to use the exact same passphrase as what is used on the main bootable drive when I set up the encrypted partition on the external 1TB drive.
I've just started using ubuntu one. However, some of the files I store on there are sensitive so I encrypt them using seahorse. Right click, encrypt etc etc. My question is, is there a way to automatically get the encrypt process to delete the un-encrypted file when it makes the new encrypted copy?
I have two partitions: one for Ubuntu 64-bit and another one with the format NTFS only for keeping documents. I have shared one folder of this NTFS partition, but every time I reboot the PC (or shutdown and start again for that matter) the folder is no longer shared. Why? How can I prevent this folder from being un-shared when I reboot the computer?
- I have ubuntu installed, and win7 is installed using vbox.
- I know how to set shared folder, so win7 can access the folder in ubuntu.
- I need to have an access to certain folder in win7 from ubuntu.
How can I do that? It is not about samba, right?
I am attempting to make a shared folder for people that VPN into the network. This folder needs to be accessible to windows and mac machines. So far I have the VPN through ppptd working. I just don't know how to make a folder. I feel like this should be fairly easy. I am using Lucid Lynx server edition.
I wanted to enable file sharing for one of my folders under the home directory. I noticed that the 'not shared' and 'shared' always defaulted back to 'not shared'. And now I see what looks like an electrical plug icon symbol over the folder icon symbol like I might see used for some of the root folders. What does the new icon indicate about the folder attributes and why does file sharing default to 'not shared'?
I can't remember if I chose to encrypt my home folder when I first installed Ubuntu.
Is there a way to know if it's encrypted?
I recently did a clean install of Ubuntu 9.10 and when I did I chose to have /home on its own partition and have it encrypted. The more I think about it the more I regret this decision. What if I want to switch distros down the road? What if I have to boot from a live cd to back up files? Is there a way to "undo" the encrypted home folder permanently? I don't mind having it on its own partition, it's just the encryption that makes me worry.
I recently installed Ubuntu Karmic on my netbook (I tried netbook remix but preferred the look of the regular desktop edition). During installation, the option to encrypt the home folder appeared, and being mildly paranoid I thought, "sure, why not?" (I must warn you that I am a new user with little technical knowledge other than what I have managed to gather in a semi-passive manner over the past couple of months). The problem is, I (try to) backup my data weekly, and so today I gave it a shot (I got the desktop edition a week ago). I have encountered the following problem.
I backup my system following (approximately) the instructions at [URL] for Backup. The exact command I enter at backup is:
sudo tar -cvpjf 2010.02.13.tar.bz2 --exclude=/proc --exclude=/lost+found --exclude=/sys --exclude=/mnt --exclude=/media --exclude=/home/dan/music /
(I exclude my music folder as it is huge and I already have it all in several other locations.) When I executed this command all ran smoothly for a while, however it soon began backing up the directory /home/.ecryptfs/dan/.Private. At this point, it started backing up the huge number of files in this directory. I assume these are encryption keys? Forgive my ignorance... Anyway, it took several hours going through this folder, and finally bzip gave up, complaining of excessive file size:
bzip2: I/O or other error, bailing out. Possible reason follows.
bzip2: File too large
Input file = (stdin), output file = (stdout)
I assume that excluding the encryption keys and such from the backup would be a bad idea: I guess that if I did not restore the relevant directories along with my home folder, it would be inaccessible? Is there a way to avoid backing up such a large amount of data?
Trying to mount an encrypted folder using cryptkeeper. I'm getting the following error box.
Quote:
The encrypted folder could not be mounted because the mount point is not empty:
I've tried to mount this folder through another partition and OS without any luck, I got the same message.
How to decrypt encrypted home folder? Which is already encrypted?
I had issues on my last install, I couldn't boot into it cause I accidentally uninstalled python 2.6 and everything it was attached to. So I reinstalled on a separate hard drive, I can see my other file system from the media folder but the only thing in my home dir is these 2 files: 1 readme that says
Code:
THIS DIRECTORY HAS BEEN UNMOUNTED TO PROTECT YOUR DATA.
From the graphical desktop, click on: "Access Your Private Data"
or
From the command line, run: ecryptfs-mount-private
and then this file Access-Your-Private-Data.desktop but when I click it and try to run it I get this error
Code:
Untrusted application launcher
The application launcher "Access-Your-.desktop" has not been marked as trusted. If you do not know the source of this file, launching it may be unsafe.
Just did a new netbook install of Lucid. Went through the setup, putting in my usual username etc. But I thought as it's a portable, I'd better select the encrypted home folder option. All went OK.
I have a home network with a NAS and I needed to change the UID to 1004 to match the rest of the network.
That's when it all went wrong. If I do that, I end up with no permissions on the user folder. A bit of a paradox, you can't change UID if logged in, but unless you're logged in, can't access the files.
My attempts to get around it by changing UID's back chowning, changing back etc. have screwed things up completely.
I have managed to open the encrypted folder and chown, but after a reboot it's all back to the original UIDs, but now I can't get in at all.
I'm still running 9.10, but now would like to install 10.10. Now I'm wondering about how to keep access to my encrypted home folder.
Usually, I don't do an 'upgrade', but a fresh re-install. I have a separate /home partition, so normally this works just fine. However, my home directory is encrypted (a feature that was introduced with 9.10, I believe).
So, if I whack the system partition and do a fresh reinstall there, will the new install still be able to read my home directory? Or do I need to save a key file from somewhere?