1

So I'm running Ubuntu 15.10. I have full disk encryption setup and an encrypted home folder, I realize this is stupid but I didn't realize what I choose when I set it up and never bothered to try and change it.

So yesterday, via terminal I changed my account + root password. I then tried to start the computer this morning, I get to the account login page, I try to login...it flashes and then goes back to the login page. I understand this is because my home folder can not be decrypted.

I found some guides on line to handle this [ can't log in after password change (ecryptfs) ] however, I can't boot into linux because of the full disk encryption.

I have all password (old + new) and I have the long string passphrase (that I think goes with the full disk encryption).

I really would appreciate your help. I have really important information on this laptop and I haven't backed up in a couple months.

Community
  • 1
Justin
  • 13
  • What do you mean by "I can't boot into linux because of the full disk encryption"? I thought you said that you see the login screen. – mastov May 03 '16 at 12:35
  • All the guides I have found simply state as a first step "boot the target system using an live disk cd". I don't know how to do this due to the fact that I have full disk encryption. [example : http://blog.dustinkirkland.com/2011/04/introducing-ecryptfs-recover-private.html ] – Justin May 03 '16 at 12:38
  • 1
  • It may not even be necessary to boot into a live CD. You may still be able to log into your current system, even if the home is not accessible. Your graphical login probably fails without your home directory available. But, for example, you can try to log into a virtual console (Ctrl + Alt + F1) and log in there.
    • – mastov May 03 '16 at 12:41
  • 1
  • You can still access an encrypted partition from a Live CD. You just have to mount it manually and enter the encryption password. For example, you can run gnome-disk-utility on your Live CD and decrypt+mount your system partition from there graphically.
    • – mastov May 03 '16 at 12:42
  • I was able to login as root on my machine. Following the article in the middle of my post I was able to mount my encrypted home drive (ecryptfs-mount-private) and cd into it. When I try to run the ecryptfs-rewrap-passphrase command as stated in the guide....Error : Unwrapping passphrase failed [-2]. Thank you for your help – Justin May 03 '16 at 12:55
  • 1
    If you are logged in as root, you will have to change the command ecryptfs-rewrap-passphrase ~/.ecryptfs/wrapped-passphrase to something like ecryptfs-rewrap-passphrase /home/[the-user-you-whose-home-you-want-to-rewrap]/.ecryptfs/wrapped-passphrase – mastov May 03 '16 at 12:58
  • 1
    That was it. Simply Amazing. Thank you so much. – Justin May 03 '16 at 13:06
  • 1
    ps. using luks + eCryptfs is not stupid, it's more secure. (& @mastov if your steps were in an answer, they deserve an upvote from me & check-mark from Justin) – Xen2050 May 04 '16 at 04:45