[Touch-packages] [Bug 1718658] Re: ecryptfs-mount-private fails to initialize ecryptfs keys

marius Mon, 22 Jun 2020 10:46:24 -0700

I am getting exactly the same issue here after upgrading from 18.04 to
20.04. I use a custom folder and have some shell utilities to run the
mount command with the right paramaters. Below SIG and FNEK_SIG continue
to match what `ecryptfs-add-passphrase --fnek` reports (and the same as
before the update). I am seeing the same in kernel logs via `dmesg` as
OP reported.


mount -t ecryptfs /home/marius/Dropbox/private /home/marius/private -o
ecryptfs_sig=<SIG>,ecryptfs_fnek_sig=<FNEK_SIG>,ecryptfs_cipher=aes,ecryptfs_key_bytes=16,ecryptfs_passthrough=n


$ uname -mrs                                                                    
                                                                                
                                                                                
             Linux 5.4.0-37-generic x86_64

$ lsb_release -a
No LSB modules are available.
Distributor ID: Ubuntu
Description:    Ubuntu 20.04 LTS
Release:        20.04
Codename:       focal

-- 
You received this bug notification because you are a member of Ubuntu
Touch seeded packages, which is subscribed to systemd in Ubuntu.
https://bugs.launchpad.net/bugs/1718658

Title:
  ecryptfs-mount-private fails to initialize ecryptfs keys

Status in ecryptfs-utils package in Ubuntu:
  Confirmed
Status in systemd package in Ubuntu:
  Confirmed

Bug description:
  ecryptfs-mount-private fails to mount the ecryptfs after the 1st
  reboot after creating the ecryptfs by ecryptfs-setup-private.

  After the unsucessful attempt dmesg contains:

  [ 1265.695388] Could not find key with description: [<correct key ID>]
  [ 1265.695393] process_request_key_err: No key
  [ 1265.695394] Could not find valid key in user session keyring for sig 
specified in mount option: [<correct key ID>]
  [ 1265.695395] One or more global auth toks could not properly register; rc = 
[-2]
  [ 1265.695396] Error parsing options; rc = [-2]

  Note: The correct key ID has been replaced in the "<correct key ID>".

  I also accidentally found an workaround - just running ecrytpfs-
  manager and then the ecryptfs-mount-private (it does not ask for
  password for the second time and mounts the ecryptfs correctly):

  host:~$ ecryptfs-manager

  eCryptfs key management menu
  -------------------------------
        1. Add passphrase key to keyring
        2. Add public key to keyring
        3. Generate new public/private keypair
        4. Exit

  Make selection: 4
  host:~$ ls Private/
  Access-Your-Private-Data.desktop  README.txt
  host:~$ ecryptfs-mount-private 
  host:~$ ls Private/
  <ecryptfs content is present>

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/ecryptfs-utils/+bug/1718658/+subscriptions

-- 
Mailing list: https://launchpad.net/~touch-packages
Post to     : touch-packages@lists.launchpad.net
Unsubscribe : https://launchpad.net/~touch-packages
More help   : https://help.launchpad.net/ListHelp

[Touch-packages] [Bug 1718658] Re: ecryptfs-mount-private fails to initialize ecryptfs keys

Reply via email to