
How-To Geek

How to Recover an Encrypted Home Directory on Ubuntu


Access an encrypted home directory when you’re not logged in – say, from a live CD – and all you’ll see is a README file. You’ll need a terminal command to recover your encrypted files.

You should also back up your mount passphrase ahead of time – you may need this in the future. While eCryptfs normally decrypts your files with your login passphrase, the mount passphrase may be necessary if eCryptfs’s files become lost.

Back Up Encryption Passphrase

If you use an encrypted Ubuntu home directory, you should keep a backup copy of your mount passphrase. You’ll see a dialog prompting you to do so after encrypting your home directory. Write down this passphrase and keep it somewhere safe – you may need it to recover your files in the future.


If you want to acquire this mount passphrase at a later date, just run the ecryptfs-unwrap-passphrase command while logged in.


You can still recover your encrypted files without this mount passphrase, assuming the ecryptfs wrapped passphrase is still available on your hard drive. However, if you lose this data or it becomes corrupted, you’ll need the mount passphrase to recover your files.

Recovering From a Live CD

You can recover your files by booting from an Ubuntu live CD or USB drive. If you still have the disc or USB drive you installed Ubuntu from, you can use that. Otherwise, you can download an ISO from Ubuntu’s website and place it on a CD, DVD, or USB drive.

Log in to the live Ubuntu environment and ensure the partition containing your encrypted home directory is mounted. You can easily mount it by clicking it in the file manager – you’ll see an eject (unmount) icon, indicating the partition is mounted.


Next, fire up a terminal and run the following command to search your mounted file systems for encrypted private directories:

sudo ecryptfs-recover-private


The command will offer to recover an encrypted directory if it locates one.


Assuming the command found a wrapped passphrase file on your system, it will prompt you for your login passphrase. If it doesn’t find this file, you’ll need the mount passphrase from the ecryptfs-unwrap-passphrase command – hopefully you have a copy of this. If you don’t, you can’t recover your files.


The command will mount the encrypted directory in your /tmp directory.


You can access this directory to view the decrypted versions of your files. However, you may not have read access to this directory as the live CD user.


To access the directory with a graphical file browser, run Nautilus as root. Press Alt+F2, type gksu nautilus, and press Enter.


You’ll be able to access your files from the Nautilus window running as root. From here, you can easily copy the files to an external hard drive or another location.
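
Which passphrase the recovery will ask for depends on whether the wrapped passphrase file survived. The script below is an added example, not part of the original article or of eCryptfs: it lists the .Private directories under a mounted partition and reports which passphrase each one needs. The function name scan_private_dirs is made up for this example, and it assumes the standard Ubuntu layout with the wrapped passphrase at .ecryptfs/wrapped-passphrase next to .Private. It only checks that the file exists and is non-empty, not that its contents are intact.

```shell
#!/bin/sh
# Added example (not from the article): find eCryptfs ".Private" directories
# under a mounted partition and report which passphrase recovery will need.
# Assumption: standard Ubuntu layout, with the wrapped passphrase stored at
# <parent of .Private>/.ecryptfs/wrapped-passphrase.

scan_private_dirs() {
    root=$1
    # -xdev keeps the search on the one file system that was mounted.
    find "$root" -xdev -type d -name .Private 2>/dev/null | sort |
    while IFS= read -r priv; do
        wrapped="$(dirname "$priv")/.ecryptfs/wrapped-passphrase"
        if [ -s "$wrapped" ]; then
            # Present and non-empty: the login passphrase can unwrap it.
            # (A corrupted file would still pass this check.)
            printf 'login-passphrase %s\n' "$priv"
        else
            # Missing or empty: only the backed-up mount passphrase will work.
            printf 'mount-passphrase %s\n' "$priv"
        fi
    done
}

# When called with a mount point as its argument, scan that mount point.
if [ "$#" -gt 0 ]; then
    scan_private_dirs "$1"
fi
```

Run it with sudo against the partition's mount point, since the directories belong to the installed system's user rather than the live CD user.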


Chris Hoffman is a technology writer and all-around computer geek. He's as at home using the Linux terminal as he is digging into the Windows registry. Connect with him on Google+.

  • Published 06/11/12

Comments (3)

  1. Ashwin Rao

    Nice how-to guide for Ubuntu users! Thanks HTG.

  2. Citrus Rain

    Except it has only prompted me for a passphrase once.

    Out of 3 times.

    First I lost EVERYTHING (Windows attacked the HDD & ruined GRUB because I didn’t know Ubuntu was about to reboot into Windows after my PC finally started working after 8 months)

    The next time, the Ubuntu upgrade that was supposed to be on a separate partition decided to never let me use the old one again. I lost days’ worth of Minecraft work. :(

    I didn’t even remember agreeing to encrypt anything either time. And I never actually saw the option until the LTS came out.

    I mentioned it on G+ that the steps to recover it didn’t work, and I was told to never use the built-in encryption for Ubuntu.

  3. adam

    Hi all,

    I’m trying to recover a laptop HD that I can only connect to via USB. I bought a new laptop that doesn’t even have the same size enclosure. When I connect the old drive to the new laptop it doesn’t even recognize it (both running Ubuntu 10.04). Any advice/tricks/workarounds?
