Comment 19 for bug 259631

Rune Evjen (rune-evjen) wrote : Re: Cannot open Private directory after a reboot

Test Result

1. First, you need to figure out if you can decrypt your mount_passphrase, using 'ecryptfs-unwrap-passphrase ~/.ecryptfs/wrapped-passphrase LOGIN_PASSPHRASE'.

Result: Received salt warning, command printed the hex digits and returned 0

2. Once you're able to successfully decrypt ~/.ecryptfs/wrapped-passphrase, run 'ecryptfs-insert-wrapped-passphrase-into-keyring ~/.ecryptfs/wrapped-passphrase LOGIN_PASSPHRASE'.

Result: Received salt warning, and "Inserted auth tok with sig [xxxxxx...x] into the user session keyring"

3. You can list the IDs of the keys in the keyring using: 'keyctl show'.

Result: keyctl shows two user keys, one matching the result of the command 'ecryptfs-insert-wrapped-passphrase-into-keyring..' and another key. (Note: I had already used ecryptfs earlier in a more manual way for other directories; is the other key my old key, and is this creating the problem with automount after reboot?)

4. Now that you have the passphrase in the keyring, you should be able to mount your encrypted private directory with 'mount.ecryptfs_private'.

Result: Using the 'mount.ecryptfs_private' command I can successfully mount (and decrypt the contents of) my ~/Private directory.

5. Reboot persistency
After applying the above commands and accessing ~/Private, I rebooted and ran 'mount.ecryptfs_private', which again gave the error "keyctl_search: Required key not available".
'keyctl show' does not list my key, only my "old" key (see 3).

After adding it with 'ecryptfs-insert-wrapped-passphrase-into-keyring ~/.ecryptfs/wrapped-passphrase LOGIN_PASSWORD' and running 'mount.ecryptfs_private' again, the ~/Private directory is mounted OK.

6. Summary
So it seems like the problem for me is that my "wrapped passphrase" is not automatically added into the keyring.
Is this because I have two keys? (See note in 3)
On another computer I use, this is working fine, but on that computer I didn't use ecryptfs prior to using the Ubuntu "Private directory" feature.

Regards,

Rune