Saturday, December 14, 2019

Recovering .ecryptfs files

I have some old backups, including the .ecryptfs directories.

After several searches, what worked is:

  1.  Check the key signatures: cat .ecryptfs/Private.sig 
  2. Try to remember the password, and
    ecryptfs-unwrap-passphrase .ecryptfs/wrapped-passphrase
  3. With the result, do
    echo $UNWRAPPED |ecryptfs-add-passphrase --fnek - 
If the result of ecryptfs-add matches the Private.sig, mount the disk with the magic command:

mount -i -t ecryptfs   -o ecryptfs_sig=$FIRST_ID,ecryptfs_fnek_sig=$SECOND_ID,ecryptfs_cipher=aes,ecryptfs_key_bytes=16   .Private/ $DEST