You are here:

Unix/Linux OS/Recovering an encrypted volume, or just re-installing my GUI!


QUESTION: I made a dedicated server using Bodhi Linux, which is based on Ubuntu. But when I completely installed (using Synaptic) several programs, I had no knowledge that "complete removal" means removal of it's dependencies as well. So when I removed a program that relied on E17 (the Bodhi desktop/window manager) it removed my whole window manager, too. So when I restarted my computer, I was presented with an error message basically stating "you have no window manager =P". So, booting into the recovery environment I tried using the command line to browse to my home folder and copy it over to my memory stick, it wouldn't budge. It also hadn't initialized the WLAN, so I couldn't use apt-get to get E17 (yes, I did it right by referring it to the repository, updating the sources and THEN trying to download and install it, all with root priveledges) so I resorted to boot into Windows (which felt TERRIBLE for the first time in 3 months) and download DiskInternals Linux Reader, to try and import the dedicated server files from my desktop (/home/alex/Desktop/server) to my Windows desktop (C:UsersAlexDesktopserver) only to remember that I chose for my home user to be encrypted, so I was only presented with a README stating: "

From the graphical desktop (EDIT: which I don't have),
click on "Access Your Private Data"
or From the command line, run:
ecryptfs-mount-private (which I tried and didn't work!)

So, now I find myself with no way to retrieve my server files. I'd worked about a year on it, and I don't want to start again from scratch at ANY costs. Any help is greatly appreciated!

ANSWER: This sounds to me as though all you need is the decryption key to mount it.  Have you tried to mount it?  I'm thinking the proper way of mounting it will prompt you for the private key.  There's probably more than one way to mount it.  That is, running the desktop you installed initially is one way.  Another way is mounting it from the command line.  You'd be able to do this from any distro -- if you have the key that decrypts it.

From what I've been able to determine, Ubuntu implements ways to make life easier for a user.  In this case, one of those ways might have included allowing you to store the key.  If so, how securely is it stored?  You may be able to recover the private key (Secret key) if it is stored and you don't remember it.

Posing the question to an ubuntu forum is probably a good idea but you'll need to explain what you mean by "it didn't work". (re: ecryptfs-mount-private).  Did you spell the command correctly?

- John

---------- FOLLOW-UP ----------

QUESTION: I forgot to mention this, but in the files I could recover there was a file called Access-Your-Private-Data.desktop and the contents (according to MS notepad) were: "
", that file contains the following information: "
[Desktop Entry]
_Name=Access Your Private Data
_GenericName=Access Your Private Data
", which doesn't mean much to me! I am totally stuck with a way to mount my desktop. (Although I've been using Linux for 3 months, I'd only been using simple file management commands and compiling and running applications in Java, so haven't really got much experience with it!)  GPARTED just freezes whenever I try to "Attempt Data Rescue" of the partition, and yes, I already have posted this to a linux forum, and despite getting 112 views have failed to get any sort of response yet. I spelled ecryptfs-mount-private correctly. Is there an argument for this command in which I specify the private key to mount it? Also what/where is the private key? I didn't specify one on setup or is it just my user password? The GUI way - the only reason I'm not using it is because I uninstalled my GUI, and cannot get to the files I need BECAUSE I lost my GUI. That is the whole reason I need to recover the files. Running Linux in command-line, I cannot copy (recursively) my user file to /media/sda3/Users/Alex/Desktop (my Windows desktop) but I assumed this was because sda3 (my Windows partition) wasn't mounted in recovery mode so I tried copying my home directory to another directory. Is there a work around RECOVERING my files, and is there a way to re-install my GUI (Enlightenment 17) so they don't need recovering and I can just access my files normally? Thanks for your fantastic answer last time, and I'm sure you won't fail to help this time.
- Alex

I don't recommend working on it, directly. Rather, create a disk image and use it to test.  Once you've found what you think will work then use the actual disk.  But it sounds like the private key has been lost.  Any idea what encryption algorithm is used and whose product it is?

I'm not sure gparted will operate on NTFS.

Avoid the GUI.

What is "Recovery" mode?  Even if its mounted read-only, it may be written to. This was/is an issue with some Linux distros.  Check here:

The file shown looks like a Windows configuration file.  I confess, I'm a little confused by what you've written because I'm not aware of a mount mode called "recovery" in Linux and you mention running notepad.

You used Ubuntu to encrypt yes?
- John

Unix/Linux OS

All Answers

Answers by Expert:

Ask Experts


John Crout


Answers about hardening, command-line operation,boot/start-up, reconfiguring the kernel, debugging, installing/removing packages. Interfacing with Windows. Most questions about building from source.


Been learning how to do these things since 1982.

Association for Computing Machinery, Information Systems Security Association

BSEE, Electrical and Computer Engineering

©2017 All rights reserved.