LinuxQuestions.org
Latest LQ Deal: Complete CCNA, CCNP & Red Hat Certification Training Bundle
Go Back   LinuxQuestions.org > Forums > Linux Forums > Linux - Newbie
User Name
Password
Linux - Newbie This Linux forum is for members that are new to Linux.
Just starting out and have a question? If it is not in the man pages or the how-to's this is the place!

Notices


Reply
  Search this Thread
Old 12-08-2014, 12:29 PM   #1
yxlan
LQ Newbie
 
Registered: Dec 2014
Location: Frankfurt am Main, Germany
Distribution: Ubuntu 12.04 LTS
Posts: 4

Rep: Reputation: Disabled
"logically" loosing encfs data


Hi all,

I'm doing backup to some remote site using sshfs and encfs. Actually I use 4 mounts for this.

Now I happend that the data from mount #1 seemed to have disappeared when listing the unencryped view via encfs. When listing the encryped view of sshfs everything seems fine.

I accessed the remote site and tried to encfs the encrypted data via encfs. Same result. Password seems fine, but the dir seems to be empty.

Did the same with another encrypted directory (i.e. mount #2) and everything seems fine, I do see all the folder and files.

I did try to write new file using the encfs view on the originating site ... and it shows up fine on the remote site using the encfs view.

I tried to recover the data on the remote site using

"encfsctl export encfs_dir dest_dir"

but all it does is decrypt the single file I just created on the originating site.

So my only idee is that I must somehow lost .encfs6.xml which was later created again. So loosing this file makes my encryted backup worthless???

Any idea how to recover data in this situation?

Any idea how to take precaution to avoid this situation in the future?

TIA Wolfgang
 
Old 12-09-2014, 08:03 AM   #2
neonsignal
Senior Member
 
Registered: Jan 2005
Location: Melbourne, Australia
Distribution: Debian Jessie (Fluxbox WM)
Posts: 1,388
Blog Entries: 52

Rep: Reputation: 355Reputation: 355Reputation: 355Reputation: 355
Unfortunately, if you have lost the original ".encfs6.xml" (in particular, the "encodedKeyData" field) then you will not be able to recover your files. The best mitigation strategy is to have backups, but I figure you already know that! You could also make the ".encfs6.xml" file read-only.

Last edited by neonsignal; 12-09-2014 at 08:04 AM.
 
Old 12-09-2014, 10:22 AM   #3
yxlan
LQ Newbie
 
Registered: Dec 2014
Location: Frankfurt am Main, Germany
Distribution: Ubuntu 12.04 LTS
Posts: 4

Original Poster
Rep: Reputation: Disabled
lost .encfs6.xml

OK, did some research und nowI know that this file is crucial :-(

But I did not find a description, when this file is created. The timestamp of the file indicates, that the original file was somehow deleted and that a new file was created. So my question to avoid this in the future: when does encfs build this file?

It is my understanding, that processes may access the encrypted and the unencrypted view to the files and that you may even mix encrypted und unencryped data. May this have caused the problem?

When encfs finds some .encfs6.xml, does it just show those files and directories that can sucessfully be de-crypted using the data found in .encfs6.xml?

I just would to avoid this kind of problem in the future ... and of cause secure the .encfs6.xml file now ... :-)

tx Wolfgang
 
Old 12-09-2014, 04:32 PM   #4
neonsignal
Senior Member
 
Registered: Jan 2005
Location: Melbourne, Australia
Distribution: Debian Jessie (Fluxbox WM)
Posts: 1,388
Blog Entries: 52

Rep: Reputation: 355Reputation: 355Reputation: 355Reputation: 355
Quote:
Originally Posted by yxlan View Post
OK, did some research und nowI know that this file is crucial :-(
But I did not find a description, when this file is created. The timestamp of the file indicates, that the original file was somehow deleted and that a new file was created. So my question to avoid this in the future: when does encfs build this file?
The file is created when encfs is first used to mount the directory. It isn't changed after that.

Quote:
When encfs finds some .encfs6.xml, does it just show those files and directories that can sucessfully be de-crypted using the data found in .encfs6.xml?
Yes, that is exactly how it works. There appears to be some sort of signature encoded into the filename so that it can determine which ones are to be mounted at the decrypt mountpoint.
 
  


Reply


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off



Similar Threads
Thread Thread Starter Forum Replies Last Post
In search of a webpage - "old guy" ranting about "new" no-sql big data tech lupe General 2 10-17-2013 10:38 AM
[SOLVED] Is my data safe after running "sync" if I use data=writeback,barrier=0 (ext4)? *Dark Dragon* Linux - General 4 01-11-2012 02:25 PM
[SOLVED] "data=writeback" in fstab mounts root partition as "read-only" holister Linux - General 7 11-28-2011 09:47 PM
[SOLVED] Sendmail Error - Rejected after DATA: could not verify "From:" header address" soslinux Linux - Server 2 07-22-2010 07:09 AM
How to get the "data type" of an "unknown variable" in "C Language" ? Affair Programming 8 06-20-2009 12:30 PM


All times are GMT -5. The time now is 09:11 PM.

Main Menu
Advertisement
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
Facebook: linuxquestions Google+: linuxquestions
Open Source Consulting | Domain Registration