From the Canyon Edge -- :-Dustin

Tuesday, April 26, 2011

Introducing ecryptfs-recover-private -- Recover your Encrypted Private Directory!

Once again, this post is long, long, long overdue ;-)

I'm pleased to announce the general availability of a new utility -- ecryptfs-recover-private!

For several years now, we in the #ecryptfs IRC channel and in the eCryptfs community on Launchpad have been pointing people to this blog post of mine, which explains how to manually mount an Encrypted Home or Private directory from an Ubuntu LiveCD.

I'm quite happy to say that this is now an automated process, with the release of the Ubuntu 11.04 (Natty Narwhal) Desktop later this week!

If you find yourself in a situation where you need to recover your Encrypted Home or Encrypted Private directory, simply:
  1. boot the target system using an Ubuntu 12.04 (or newer) Desktop LiveCD
  2. make sure that your target system's hard drive is mounted
  3. open a terminal
  4. install ecryptfs-utils 'sudo apt-get install -y ecryptfs-utils'
  5. and run 'sudo ecryptfs-recover-private'
  6. follow the prompts
  7. access your decrypted data and save somewhere else
  8. you can also launch the graphical file browser with 'sudo nautilus'  and navigate to the temporary directory
The utility will do a deep find of the system's hard disk, looking for folders named ".Private", and will interactively ask you if it's the folder you'd like to recover.  If you answer "yes", you will then be prompted for the login passphrase that's used to decrypt your wrapped, mount passphrase.  Assuming you have the correct credentials, it will mount your Encrypted Home or Private directory in read-only mode, and point you at the temporary directory where it's mounted.

Here's a video demonstration...

Tossing you a life raft,