Choose style:

Author Topic: accessing peppermint drive remotely  (Read 4122 times)

0 Members and 1 Guest are viewing this topic.

Offline PepPaulgr

  • nOOb
  • *
  • Posts: 10
  • Karma: 0
  • New Forum User
    • View Profile
  • Peppermint version(s): 4
accessing peppermint drive remotely
« on: September 12, 2014, 05:53:18 am »
When I installed Peppermint 4, I selected encrypt home folder. I thought it would be a simple matter of selecting "open as root" when i try to access the drive Peppermint is installed on from a live Peppermint cd,  but I haven't had that experience.
I have no trouble booting into my Peppermint install, it's just whenever I try to access it externally.

This is what I've tried after booting into the Peppermint CD:

Enter a passphrase to unlock the volume

When I enter the passphrase that I use to unclock the drive at bootup, I get the error message "The unlocked device does not have a recognizable file system on it."

Another error message:
Error opening directory '/media/peppermint/764357f5-b7a6-4504-b699-3643ee96d7e3/home/paul': Permission denied

When I click on the home folder of the drive I'm trying to access and then select open current folder as root, I get this icon: Access-Your-Private-Data  Nothing happens when I click on it.

The Readme text:

THIS DIRECTORY HAS BEEN UNMOUNTED TO PROTECT YOUR DATA.

From the graphical desktop, click on:
 "Access Your Private Data"

or

From the command line, run:
 ecryptfs-mount-private

In the terminal I cd to the drive I'm trying to access and get this when I enter ecryptfs-mount-private command

ERROR: Encrypted private directory is not setup properly

Any suggestions? Thank, Paul


Offline PCNetSpec

  • Administrator
  • Hero
  • *****
  • Posts: 25497
  • Karma: 2807
  • "-rw-rw-rw-" .. The Number Of The Beast
    • View Profile
    • PCNetSpec
  • Peppermint version(s): Peppermint 8R, 9, and 9R
Re: accessing peppermint drive remotely
« Reply #1 on: September 12, 2014, 06:52:50 am »
Boot into peppermint normally .. open a terminal and run:
Code: [Select]
ecryptfs-unwrap-passphrase
when prompted for a password, enter your Peppermint login password and hit enter.

You will be shown the mount key you need to unlock/mount your encrypted /home

Would probably be a good idea to write this down somewhere and keep it safe, but obviously separate from the laptop .. you'll NEED this key to access your data if the system ever becomes unbootable.

Please see the release notes:
http://peppermintos.com/release-notes/
« Last Edit: September 12, 2014, 06:56:32 am by PCNetSpec »
WARNING: You are logged into reality as 'root' .. logging in as 'insane' is the only safe option.

Team Peppermint
PCNetSpec

Offline PepPaulgr

  • nOOb
  • *
  • Posts: 10
  • Karma: 0
  • New Forum User
    • View Profile
  • Peppermint version(s): 4
Re: accessing peppermint drive remotely
« Reply #2 on: September 17, 2014, 02:47:45 pm »
I followed your instructions and got this error message:

Error: Unwrapping passphrase failed [-5]
Info: Check the system log for more information from libecryptfs

Offline PCNetSpec

  • Administrator
  • Hero
  • *****
  • Posts: 25497
  • Karma: 2807
  • "-rw-rw-rw-" .. The Number Of The Beast
    • View Profile
    • PCNetSpec
  • Peppermint version(s): Peppermint 8R, 9, and 9R
Re: accessing peppermint drive remotely
« Reply #3 on: September 17, 2014, 03:44:53 pm »
Run:
Code: [Select]
sudo updatedb
then post the output from:
Code: [Select]
locate ecryptfs
and
Code: [Select]
locate passphrase
WARNING: You are logged into reality as 'root' .. logging in as 'insane' is the only safe option.

Team Peppermint
PCNetSpec

Offline PepPaulgr

  • nOOb
  • *
  • Posts: 10
  • Karma: 0
  • New Forum User
    • View Profile
  • Peppermint version(s): 4
Re: accessing peppermint drive remotely
« Reply #4 on: September 19, 2014, 08:41:48 am »
Here is the output of locate ecryptfs

paul@paul ~ $ locate ecryptfs
Spoiler (click here to view / hide)
/home/.ecryptfs
/lib/security/pam_ecryptfs.so
/sbin/mount.ecryptfs
/sbin/mount.ecryptfs_private
/sbin/umount.ecryptfs
/sbin/umount.ecryptfs_private
/usr/bin/ecryptfs-add-passphrase
/usr/bin/ecryptfs-find
/usr/bin/ecryptfs-insert-wrapped-passphrase-into-keyring
/usr/bin/ecryptfs-manager
/usr/bin/ecryptfs-migrate-home
/usr/bin/ecryptfs-mount-private
/usr/bin/ecryptfs-recover-private
/usr/bin/ecryptfs-rewrap-passphrase
/usr/bin/ecryptfs-rewrite-file
/usr/bin/ecryptfs-setup-private
/usr/bin/ecryptfs-setup-swap
/usr/bin/ecryptfs-stat
/usr/bin/ecryptfs-umount-private
/usr/bin/ecryptfs-unwrap-passphrase
/usr/bin/ecryptfs-verify
/usr/bin/ecryptfs-wrap-passphrase
/usr/bin/ecryptfsd
/usr/lib/ecryptfs
/usr/lib/libecryptfs.so.0
/usr/lib/libecryptfs.so.0.0
/usr/lib/libecryptfs.so.0.0.0
/usr/lib/ecryptfs/libecryptfs_key_mod_passphrase.so
/usr/share/ecryptfs-utils
/usr/share/doc/ecryptfs-utils
/usr/share/doc/libecryptfs0
/usr/share/doc/ecryptfs-utils/AUTHORS
/usr/share/doc/ecryptfs-utils/README.gz
/usr/share/doc/ecryptfs-utils/THANKS
/usr/share/doc/ecryptfs-utils/changelog.Debian.gz
/usr/share/doc/ecryptfs-utils/copyright
/usr/share/doc/ecryptfs-utils/ecryptfs-faq.html
/usr/share/doc/libecryptfs0/changelog.Debian.gz
/usr/share/doc/libecryptfs0/copyright
/usr/share/ecryptfs-utils/ecryptfs-mount-private.desktop
/usr/share/ecryptfs-utils/ecryptfs-mount-private.txt
/usr/share/ecryptfs-utils/ecryptfs-record-passphrase
/usr/share/ecryptfs-utils/ecryptfs-setup-private.desktop
/usr/share/lintian/overrides/ecryptfs-utils
/usr/share/locale-langpack/en_AU/LC_MESSAGES/ecryptfs-utils.mo
/usr/share/locale-langpack/en_CA/LC_MESSAGES/ecryptfs-utils.mo
/usr/share/locale-langpack/en_GB/LC_MESSAGES/ecryptfs-utils.mo
/usr/share/man/man1/ecryptfs-add-passphrase.1.gz
/usr/share/man/man1/ecryptfs-find.1.gz
/usr/share/man/man1/ecryptfs-generate-tpm-key.1.gz
/usr/share/man/man1/ecryptfs-insert-wrapped-passphrase-into-keyring.1.gz
/usr/share/man/man1/ecryptfs-mount-private.1.gz
/usr/share/man/man1/ecryptfs-recover-private.1.gz
/usr/share/man/man1/ecryptfs-rewrap-passphrase.1.gz
/usr/share/man/man1/ecryptfs-rewrite-file.1.gz
/usr/share/man/man1/ecryptfs-setup-private.1.gz
/usr/share/man/man1/ecryptfs-setup-swap.1.gz
/usr/share/man/man1/ecryptfs-stat.1.gz
/usr/share/man/man1/ecryptfs-umount-private.1.gz
/usr/share/man/man1/ecryptfs-unwrap-passphrase.1.gz
/usr/share/man/man1/ecryptfs-verify.1.gz
/usr/share/man/man1/ecryptfs-wrap-passphrase.1.gz
/usr/share/man/man1/mount.ecryptfs_private.1.gz
/usr/share/man/man1/umount.ecryptfs_private.1.gz
/usr/share/man/man7/ecryptfs.7.gz
/usr/share/man/man8/ecryptfs-manager.8.gz
/usr/share/man/man8/ecryptfs-migrate-home.8.gz
/usr/share/man/man8/ecryptfsd.8.gz
/usr/share/man/man8/mount.ecryptfs.8.gz
/usr/share/man/man8/pam_ecryptfs.8.gz
/usr/share/man/man8/umount.ecryptfs.8.gz
/usr/share/pam-configs/ecryptfs-utils
/var/lib/dpkg/info/ecryptfs-utils.list
/var/lib/dpkg/info/ecryptfs-utils.md5sums
/var/lib/dpkg/info/ecryptfs-utils.postinst
/var/lib/dpkg/info/ecryptfs-utils.prerm
/var/lib/dpkg/info/libecryptfs0.list
/var/lib/dpkg/info/libecryptfs0.md5sums
/var/lib/dpkg/info/libecryptfs0.postinst
/var/lib/dpkg/info/libecryptfs0.postrm
/var/lib/dpkg/info/libecryptfs0.shlibs
/var/lib/update-notifier/user.d/ecryptfs-record-passphrase
[close]


Here is the output of locate passphrase

paul@paul ~ $ locate passphrase
Spoiler (click here to view / hide)
/usr/bin/ecryptfs-add-passphrase
/usr/bin/ecryptfs-insert-wrapped-passphrase-into-keyring
/usr/bin/ecryptfs-rewrap-passphrase
/usr/bin/ecryptfs-unwrap-passphrase
/usr/bin/ecryptfs-wrap-passphrase
/usr/bin/wpa_passphrase
/usr/lib/ecryptfs/libecryptfs_key_mod_passphrase.so
/usr/share/ecryptfs-utils/ecryptfs-record-passphrase
/usr/share/gnome-disk-utility/change-passphrase-dialog.ui
/usr/share/man/man1/ecryptfs-add-passphrase.1.gz
/usr/share/man/man1/ecryptfs-insert-wrapped-passphrase-into-keyring.1.gz
/usr/share/man/man1/ecryptfs-rewrap-passphrase.1.gz
/usr/share/man/man1/ecryptfs-unwrap-passphrase.1.gz
/usr/share/man/man1/ecryptfs-wrap-passphrase.1.gz
/usr/share/man/man8/wpa_passphrase.8.gz
/var/lib/update-notifier/user.d/ecryptfs-record-passphrase
[close]


« Last Edit: September 19, 2014, 10:33:41 am by PCNetSpec »

Offline PCNetSpec

  • Administrator
  • Hero
  • *****
  • Posts: 25497
  • Karma: 2807
  • "-rw-rw-rw-" .. The Number Of The Beast
    • View Profile
    • PCNetSpec
  • Peppermint version(s): Peppermint 8R, 9, and 9R
Re: accessing peppermint drive remotely
« Reply #5 on: September 19, 2014, 09:57:39 am »
What's the output from:
Code: [Select]
mount

and whilst logged on locally, does:
Code: [Select]
ecryptfs-unwrap-passphrase ~/.ecryptfs/wrapped-passphrase
return a key ?
« Last Edit: September 19, 2014, 10:22:51 am by PCNetSpec »
WARNING: You are logged into reality as 'root' .. logging in as 'insane' is the only safe option.

Team Peppermint
PCNetSpec

Offline PepPaulgr

  • nOOb
  • *
  • Posts: 10
  • Karma: 0
  • New Forum User
    • View Profile
  • Peppermint version(s): 4
Re: accessing peppermint drive remotely
« Reply #6 on: September 19, 2014, 10:22:47 am »
Here's the output:

paul@ ~ $ ls -a /home/.ecryptfs
.  ..  paulgrie
paul@ ~ $ ecryptfs-unwrap-passphrase ~/.ecryptfs/wrapped-passphrase
Passphrase:
Error: Unwrapping passphrase failed [-5]
Info: Check the system log for more information from libecryptfs

Offline PCNetSpec

  • Administrator
  • Hero
  • *****
  • Posts: 25497
  • Karma: 2807
  • "-rw-rw-rw-" .. The Number Of The Beast
    • View Profile
    • PCNetSpec
  • Peppermint version(s): Peppermint 8R, 9, and 9R
Re: accessing peppermint drive remotely
« Reply #7 on: September 19, 2014, 10:26:14 am »
Try:
Code: [Select]
ecryptfs-unwrap-passphrase ~/.ecryptfs/paulgrie
If still no key, post the output from:
Code: [Select]
mount
and:
Code: [Select]
ls -al ~/.ecryptfs
« Last Edit: September 19, 2014, 10:28:00 am by PCNetSpec »
WARNING: You are logged into reality as 'root' .. logging in as 'insane' is the only safe option.

Team Peppermint
PCNetSpec

Offline PepPaulgr

  • nOOb
  • *
  • Posts: 10
  • Karma: 0
  • New Forum User
    • View Profile
  • Peppermint version(s): 4
Re: accessing peppermint drive remotely
« Reply #8 on: September 19, 2014, 10:43:20 am »
output from mount

 ~ $ mount
/dev/mapper/peppermint--vg-root on / type ext4 (rw,errors=remount-ro)
proc on /proc type proc (rw,noexec,nosuid,nodev)
sysfs on /sys type sysfs (rw,noexec,nosuid,nodev)
none on /sys/fs/cgroup type tmpfs (rw)
none on /sys/fs/fuse/connections type fusectl (rw)
none on /sys/kernel/debug type debugfs (rw)
none on /sys/kernel/security type securityfs (rw)
udev on /dev type devtmpfs (rw,mode=0755)
devpts on /dev/pts type devpts (rw,noexec,nosuid,gid=5,mode=0620)
tmpfs on /run type tmpfs (rw,noexec,nosuid,size=10%,mode=0755)
none on /run/lock type tmpfs (rw,noexec,nosuid,nodev,size=5242880)
none on /run/shm type tmpfs (rw,nosuid,nodev)
none on /run/user type tmpfs (rw,noexec,nosuid,nodev,size=104857600,mode=0755)
/dev/sda1 on /boot type ext2 (rw)
/home/paulgrie/.Private on /home/paulgrie type ecryptfs (ecryptfs_check_dev_ruid,ecryptfs_cipher=aes,ecryptfs_key_bytes=16,ecryptfs_unlink_sigs,ecryptfs_sig=53d35a1e77cdde5f,ecryptfs_fnek_sig=6a7c10d7d03528d7)
gvfsd-fuse on /run/user/paulgrie/gvfs type fuse.gvfsd-fuse (rw,nosuid,nodev,user=paulgrie)
/dev/sdc1 on /media/paulgrie/AF57-AD29 type vfat (rw,nosuid,nodev,uid=1000,gid=1000,shortname=mixed,dmask=0077,utf8=1,showexec,flush,uhelper=udisks2)

output from ls -al ~/.ecryptfs

lrwxrwxrwx 1 paulgrie paulgrie 34 Jan 24  2014 /home/paulgrie/.ecryptfs -> /home/.ecryptfs/paulgrie/.ecryptfs

Offline PCNetSpec

  • Administrator
  • Hero
  • *****
  • Posts: 25497
  • Karma: 2807
  • "-rw-rw-rw-" .. The Number Of The Beast
    • View Profile
    • PCNetSpec
  • Peppermint version(s): Peppermint 8R, 9, and 9R
Re: accessing peppermint drive remotely
« Reply #9 on: September 19, 2014, 11:56:56 am »
ok what's the output from:
Code: [Select]
ls -a /home/paulgrie/.ecryptfs
and
Code: [Select]
ls -a /home/.ecryptfs/paulgrie/.ecryptfs
WARNING: You are logged into reality as 'root' .. logging in as 'insane' is the only safe option.

Team Peppermint
PCNetSpec

Offline PepPaulgr

  • nOOb
  • *
  • Posts: 10
  • Karma: 0
  • New Forum User
    • View Profile
  • Peppermint version(s): 4
Re: accessing peppermint drive remotely
« Reply #10 on: September 19, 2014, 12:15:18 pm »
paulgrie@paulgrie-N68S3B ~ $ ls -a /home/paulgrie/.ecryptfs
.  ..  auto-mount  auto-umount  Private.mnt  Private.sig  wrapped-passphrase
paulgrie@paulgrie-N68S3B ~ $ ls -a /home/.ecryptfs/paulgrie/.ecryptfs
.  ..  auto-mount  auto-umount  Private.mnt  Private.sig  wrapped-passphrase
paulgrie@paulgrie-N68S3B ~ $


Offline PCNetSpec

  • Administrator
  • Hero
  • *****
  • Posts: 25497
  • Karma: 2807
  • "-rw-rw-rw-" .. The Number Of The Beast
    • View Profile
    • PCNetSpec
  • Peppermint version(s): Peppermint 8R, 9, and 9R
Re: accessing peppermint drive remotely
« Reply #11 on: September 19, 2014, 12:26:54 pm »
Does:
Code: [Select]
ecryptfs-unwrap-passphrase /home/paulgrie/.ecryptfs/wrapped-passphrase
or
Code: [Select]
ecryptfs-unwrap-passphrase /home/.ecryptfs/paulgrie/.ecryptfss/wrapped-passphrase
give you your key ?

If not, what's the output from:
Code: [Select]
cat /var/log/syslog | grep ecryptfs
« Last Edit: September 19, 2014, 12:29:46 pm by PCNetSpec »
WARNING: You are logged into reality as 'root' .. logging in as 'insane' is the only safe option.

Team Peppermint
PCNetSpec

Offline PepPaulgr

  • nOOb
  • *
  • Posts: 10
  • Karma: 0
  • New Forum User
    • View Profile
  • Peppermint version(s): 4
Re: accessing peppermint drive remotely
« Reply #12 on: September 19, 2014, 12:44:22 pm »
Before I give you the output from the commands you gave me, I've located a password that I have for(password recovery for peppermint login) 

Also, I'm not trying to recover lost data. I'm just trying to click on my peppermint drive's home folder when I'm booted into a Peppermint live cd or usb. How would recovering the key enable me to do that/ That said, below is the output from your recent commands.


paulgrie@paulgrie-N68S3B ~ $ ecryptfs-unwrap-passphrase /home/paulgrie/.ecryptfs/wrapped-passphrase
Passphrase:
Error: Unwrapping passphrase failed [-5]
Info: Check the system log for more information from libecryptfs
paulgrie@paulgrie-N68S3B ~ $ ecryptfs-unwrap-passphrase /home/.ecryptfs/paulgrie/.ecryptfss/wrapped-passphrase
Passphrase:
Error: Unwrapping passphrase failed [-5]
Info: Check the system log for more information from libecryptfs
paulgrie@paulgrie-N68S3B ~ $ cat /var/log/syslog | grep ecryptfs
Sep 19 08:09:23 paulgrie-N68S3B sudo: pam_ecryptfs: pam_sm_authenticate: /home/paulgrie is already mounted
Sep 19 10:16:14 paulgrie-N68S3B ecryptfs-unwrap-passphrase: Incorrect wrapping key for file [/home/paulgrie/.ecryptfs/wrapped-passphrase]
Sep 19 10:38:41 paulgrie-N68S3B ecryptfs-unwrap-passphrase: Error attempting to open [/home/paulgrie/.ecryptfs/paulgrie] for reading
Sep 19 12:33:40 paulgrie-N68S3B xscreensaver: pam_ecryptfs: seteuid error
Sep 19 12:35:38 paulgrie-N68S3B ecryptfs-unwrap-passphrase: Incorrect wrapping key for file [/home/paulgrie/.ecryptfs/wrapped-passphrase]
Sep 19 12:36:48 paulgrie-N68S3B ecryptfs-unwrap-passphrase: Error attempting to open [/home/.ecryptfs/paulgrie/.ecryptfss/wrapped-passphrase] for reading

Offline PCNetSpec

  • Administrator
  • Hero
  • *****
  • Posts: 25497
  • Karma: 2807
  • "-rw-rw-rw-" .. The Number Of The Beast
    • View Profile
    • PCNetSpec
  • Peppermint version(s): Peppermint 8R, 9, and 9R
Re: accessing peppermint drive remotely
« Reply #13 on: September 19, 2014, 03:45:11 pm »
If I'm reading the syslog entries correctly, it's asking for your password and you're entering the wrong one.

Whilst logged on locally, run:
Code: [Select]
ecryptfs-unwrap-passphrase /home/paulgrie/.ecryptfs/wrapped-passphrase
it should then prompt for your password .. it wants your Peppermint login password then hit enter .. and it should display the key
WARNING: You are logged into reality as 'root' .. logging in as 'insane' is the only safe option.

Team Peppermint
PCNetSpec

Offline PepPaulgr

  • nOOb
  • *
  • Posts: 10
  • Karma: 0
  • New Forum User
    • View Profile
  • Peppermint version(s): 4
Re: accessing peppermint drive remotely
« Reply #14 on: September 19, 2014, 08:26:58 pm »
On my system I have two passwords that I have to enter. The first is the password for the peppermint encryption. When I successfully enter that I then have to enter the password that I use to login and logout. I just assumed since this had to do with encryption, it wanted the first password. I tried entering the login password for the last command you gave me and I got a line of 32 characters. if this is the key you've been referring to, what do I do now with it?