Comment 17 for bug 259631

Dustin Kirkland  (kirkland) wrote : Re: [Bug 259631] Re: Cannot open Private directory after a reboot

On Tue, Oct 21, 2008 at 10:53 AM, Rune Evjen <email address hidden> wrote:
> In any case, is it possible to take the mount_passphrase and reverse it in
> order to compare it to the original login_passphrase ? Or can one
> mount_passphrase be generated from different login passwords ?

The mount_passphrase is generated from /dev/urandom, and encrypted
with the login_passphrase that you enter (twice) in
ecryptfs-setup-private.

If you can decrypt it using ecryptfs-unwrap-passphrase with your
current login passphrase, then it's wrapped correctly. If you can
insert it into your keyring, then the kernel knows about it. And if the
signature in Private.sig and keyctl match, then it's the "correct"
key. The mount should definitely succeed.

I want to revisit something Matt wrote, about entering the wrong login
password (twice). ecryptfs-setup-private is not able to validate your
login password. It expects that you know your password, and that
you're going to enter it correctly, and twice. It uses that value to
encrypt the mount passphrase, even if it's not your actual login
passphrase. That could easily be the source of these troubles...

:-Dustin
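
The failure mode described in the comment above, as an added example that is not part of the original comment and is not eCryptfs code: a simplified Python model of a random mount passphrase wrapped under whatever login passphrase was typed at setup. The PBKDF2/XOR/HMAC wrapping, the function names and the sample passphrases are assumptions made for illustration; eCryptfs uses its own wrapping format.

```python
import hashlib
import hmac
import os


def _derive(login_passphrase, salt):
    """Stretch the typed passphrase into a 32-byte pad and a 32-byte MAC key."""
    okm = hashlib.pbkdf2_hmac("sha256", login_passphrase.encode(), salt, 100_000, dklen=64)
    return okm[:32], okm[32:]


def wrap(mount_passphrase, login_passphrase):
    """Encrypt a 32-byte mount passphrase under the given login passphrase."""
    if len(mount_passphrase) != 32:
        raise ValueError("model expects a 32-byte mount passphrase")
    salt = os.urandom(16)
    pad, mac_key = _derive(login_passphrase, salt)
    ct = bytes(a ^ b for a, b in zip(mount_passphrase, pad))
    tag = hmac.new(mac_key, salt + ct, hashlib.sha256).digest()
    return salt + ct + tag


def unwrap(blob, login_passphrase):
    """Return the mount passphrase, or None if the login passphrase is wrong."""
    salt, ct, tag = blob[:16], blob[16:48], blob[48:]
    pad, mac_key = _derive(login_passphrase, salt)
    expected = hmac.new(mac_key, salt + ct, hashlib.sha256).digest()
    if not hmac.compare_digest(tag, expected):
        return None
    return bytes(a ^ b for a, b in zip(ct, pad))


def setup_private(typed_once, typed_twice):
    """Model of setup: it can only check that the two entries agree with each other."""
    if typed_once != typed_twice:
        raise ValueError("passphrases do not match")
    mount_passphrase = os.urandom(32)  # random, unrelated to the login passphrase
    return mount_passphrase, wrap(mount_passphrase, typed_once)


def demo():
    real_login = "correct horse"   # constructed sample: the account's real password
    mistyped = "correct hrose"     # constructed sample: same typo entered twice
    mount_passphrase, wrapped = setup_private(mistyped, mistyped)
    return {
        "setup_accepted_typo": True,
        "unwrap_with_real_login": unwrap(wrapped, real_login) is not None,
        "unwrap_with_typed_value": unwrap(wrapped, mistyped) == mount_passphrase,
    }


if __name__ == "__main__":
    print(demo())
```

Because the mount passphrase is random, the wrapped blob reveals nothing about the login passphrase beyond whether a candidate unwraps it.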