*** This bug is a duplicate of bug 1718658 ***
https://bugs.launchpad.net/bugs/1718658
Doing a manual mount like so (used for safely storing private data in
the cloud) used to work since Ubuntu 12 or so.
However, today after updating from Ubuntu 16.04 LTS to 18.04 LTS, the
entire thing wouldn't mount anymore:
```
$ echo mypassphrase | sudo ecryptfs-add-passphrase --fnek -
Inserted auth tok with sig [abc] into the user session keyring
Inserted auth tok with sig [123] into the user session keyring
$ sudo /bin/mount -it ecryptfs "/media/locked" "/media/unlocked" -o
ecryptfs_cipher=aes,ecryptfs_key_bytes=32,ecryptfs_sig=abc,ecryptfs_fnek_sig=123
mount: /home/local/Dropbox.unlocked: mount(2) system call failed: No such file
or directory.
```
I read the following messages in `/var/log/syslog`:
```
kernel: [ 5608.396634] Could not find key with description: [abc]
kernel: [ 5608.396641] Could not find valid key in user session keyring for sig
specified in mount option: [abc]
```
Apparently there are different keyrings now.
This fixed my script:
```
$ sudo keyctl link @u @s
$ sudo /bin/mount -it ecryptfs "/media/locked" "/media/unlocked" -o
ecryptfs_cipher=aes,ecryptfs_key_bytes=32,ecryptfs_sig=abc,ecryptfs_fnek_sig=123
```
For now everything works again, but the thing seems buggy. Ubuntu even
dropped the encrypted home because of it.
Ecryptfs seems to be eol. Looking for fresh solutions to protect the
privacy of my cloud files.
--
You received this bug notification because you are a member of Ubuntu
Touch seeded packages, which is subscribed to systemd in Ubuntu.
https://bugs.launchpad.net/bugs/1726873
Title:
mount.ecryptfs_private can't mount in 17.10
Status in ecryptfs-utils package in Ubuntu:
Confirmed
Status in systemd package in Ubuntu:
Confirmed
Bug description:
Hi,
I am using several ecryptfs mounts with ecryptfs-add-passphrase and
mount.ecryptfs_private, configured in ~/.ecryptfs/xxx.conf and
~/.ecryptfs/xxx.sig, which was working well for years up to 17.04.
With 17.10 I can't mount these file systems anymore.
ecryptfs-add-passphrase says
Inserted auth tok with sig [....] into the user session keyring
with the correct sig (!).
Trying to mount with mount.ecryptfs_private then says
mount: No such file or directory
although all directories present and correct.
the Kernel then says (dmesg):
[10149.247972] Could not find key with description: [...]
[10149.247994] process_request_key_err: No key
[10149.248000] Could not find valid key in user session keyring for sig
specified in mount option: [...]
[10149.248012] One or more global auth toks could not properly register; rc =
[-2]
[10149.248019] Error parsing options; rc = [-2]
with exactly the same sig!
So although ecryptfs-add-passphrase claimed to have added the key to the
keyring, the kernel complains that it could not find such a key.
ProblemType: Bug
DistroRelease: Ubuntu 17.10
Package: ecryptfs-utils 111-0ubuntu5
ProcVersionSignature: Ubuntu 4.13.0-16.19-generic 4.13.4
Uname: Linux 4.13.0-16-generic x86_64
NonfreeKernelModules: zfs zunicode zavl zcommon znvpair
ApportVersion: 2.20.7-0ubuntu3
Architecture: amd64
CurrentDesktop: LXDE
Date: Tue Oct 24 15:31:45 2017
InstallationDate: Installed on 2017-10-24 (0 days ago)
InstallationMedia: Lubuntu 17.10 "Artful Aardvark" - Release amd64
(20171017.1)
SourcePackage: ecryptfs-utils
UpgradeStatus: No upgrade log present (probably fresh install)
To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/ecryptfs-utils/+bug/1726873/+subscriptions
--
Mailing list: https://launchpad.net/~touch-packages
Post to : touch-packages@lists.launchpad.net
Unsubscribe : https://launchpad.net/~touch-packages
More help : https://help.launchpad.net/ListHelp
