Public bug reported:

Binary package hint: ecryptfs-utils

Observed with ecryptfs-utils 53-1ubuntu1 on Intrepid alpha, but I guess
the following is by design.

Steps to reproduce:
1) Create an encrypted private directory as per 
https://wiki.ubuntu.com/EncryptedPrivateDirectory (see Testing)
2) Logout and login again to confirm that the encrypted private directory is 
mounting
3) Change your unix password
4) Logout and login again to observe that the encrypted directory is no longer 
mounted
5) Also open a terminal and try to manually mount it with the command 
ecryptfs-mount-private and see it fail with message "keyctl_search: Required 
key not available"

What should happen:
After changing one's password, the user is still able to access their encrypted 
private directory.

What happens instead:
After changing one's password, the user can no longer mount their encrypted 
private directory.

Comment:
From what I understand, ecryptfs-tools needs a password to encrypt the private 
directory. This private password is wrapped (i.e. encrypted) with the user 
login password at initialization time. Subsequently, the private password is 
unwrapped at each login using the login password just provided by the user.
This breaks as soon as the user changes their unix password, because the login 
password is no longer able to unwrap the private password. Here, The Right 
Thing to do is to unwrap and rewrap the private password transparently as users 
change their login password, but I don't know how difficult that is.
Transitorily, prominent instructions on the wiki on how to update the 
private password manually or otherwise recover from the situation would be 
welcome. For the time being, I've restored my previous password.

** Affects: ecryptfs-utils (Ubuntu)
     Importance: Undecided
         Status: New

-- 
Cannot mount the encrypted private directory after changing password
https://bugs.launchpad.net/bugs/255624
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.

-- 
ubuntu-bugs mailing list
ubuntu-bugs@lists.ubuntu.com
https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
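
The wrap/unwrap behaviour described in the report, as an added Python sketch that is not part of the original report and not ecryptfs-utils code. It uses a constructed toy wrapping scheme (PBKDF2 plus an HMAC keystream and tag), not the real wrapped-passphrase format, to show why a changed login password fails to unwrap and how a rewrap done at password-change time keeps the mount passphrase recoverable. All names and values are hypothetical.

```python
import hashlib
import hmac
import os

def _derive(password: str, salt: bytes) -> bytes:
    # Key-encryption key from the login password (illustrative parameters).
    return hashlib.pbkdf2_hmac("sha256", password.encode(), salt, 50_000, dklen=64)

def _keystream(key: bytes, n: int) -> bytes:
    # Toy stream: HMAC-SHA256 in counter mode, for demonstration only.
    out, counter = b"", 0
    while len(out) < n:
        out += hmac.new(key, counter.to_bytes(4, "big"), hashlib.sha256).digest()
        counter += 1
    return out[:n]

def wrap(mount_passphrase: bytes, login_password: str) -> bytes:
    salt = os.urandom(16)
    k = _derive(login_password, salt)
    ct = bytes(a ^ b for a, b in zip(mount_passphrase, _keystream(k[:32], len(mount_passphrase))))
    tag = hmac.new(k[32:], salt + ct, hashlib.sha256).digest()
    return salt + tag + ct  # blob layout: 16-byte salt | 32-byte tag | ciphertext

def unwrap(blob: bytes, login_password: str) -> bytes:
    salt, tag, ct = blob[:16], blob[16:48], blob[48:]
    k = _derive(login_password, salt)
    expected = hmac.new(k[32:], salt + ct, hashlib.sha256).digest()
    if not hmac.compare_digest(tag, expected):
        # The failure mode in the report: the new login password cannot unwrap.
        raise ValueError("login password does not unwrap the mount passphrase")
    return bytes(a ^ b for a, b in zip(ct, _keystream(k[:32], len(ct))))

def rewrap(blob: bytes, old_password: str, new_password: str) -> bytes:
    # Needs the old password, so it has to run while both are known,
    # i.e. during the password change itself.
    return wrap(unwrap(blob, old_password), new_password)

def demo():
    mount_pp = b"constructed-mount-passphrase"  # constructed sample value
    blob = wrap(mount_pp, "old-login")
    try:
        unwrap(blob, "new-login")   # password changed, blob left untouched
        broke = False
    except ValueError:
        broke = True
    blob = rewrap(blob, "old-login", "new-login")
    return broke, unwrap(blob, "new-login") == mount_pp

if __name__ == "__main__":
    print(demo())
```
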
