LinuxQuestions.org
Visit Jeremy's Blog.
Go Back   LinuxQuestions.org > Forums > Linux Forums > Linux - Software
User Name
Password
Linux - Software This forum is for Software issues.
Having a problem installing a new program? Want to know which application is best for the job? Post your question in this forum.

Notices


Reply
  Search this Thread
Old 02-23-2016, 07:11 PM   #16
Delusion of Adequacy
LQ Newbie
 
Registered: Jan 2016
Distribution: Linux Mint 17.2 Rafaela Xfce 64 bit
Posts: 24

Original Poster
Rep: Reputation: Disabled

Quote:
Originally Posted by BW-userx View Post
but yeah... and did you really have a need for it?
Nah, it's mainly a paranoia thing
 
Old 02-23-2016, 07:19 PM   #17
BW-userx
LQ Guru
 
Registered: Sep 2013
Location: Somewhere in my head.
Distribution: Slackware (current), FreeBSD, Win10, It varies
Posts: 9,952

Rep: Reputation: 2148Reputation: 2148Reputation: 2148Reputation: 2148Reputation: 2148Reputation: 2148Reputation: 2148Reputation: 2148Reputation: 2148Reputation: 2148Reputation: 2148
from this in what he said:
Quote:
Originally Posted by af7567
Does the encrypted home option use your login password as your encryption password too? If so it sounds like your encrypted home is using your typoed password but your account is using the new password you set from the root shell, so they are out of sync.
that is a design issue then. Because it sould not matter reguardless by what method you used to change your password, because only you or root user can do this. For it not to sync, to me, is a malfunction within the design of said distro.

I do not use encription so that is an at first glance option.
 
Old 02-23-2016, 07:21 PM   #18
Delusion of Adequacy
LQ Newbie
 
Registered: Jan 2016
Distribution: Linux Mint 17.2 Rafaela Xfce 64 bit
Posts: 24

Original Poster
Rep: Reputation: Disabled
I tried the below. It did manage to mount the private files, but their still encrypted

Code:
mint@mint ~ $ sudo ecryptfs-recover-private
INFO: Searching for encrypted private directories (this might take a while)...
INFO: Found [/media/mint/34e5c4fa-0621-46cb-83b0-763c2a0dc49c/home/.ecryptfs/tijmen/.Private].
Try to recover this directory? [Y/n]: y
INFO: Found your wrapped-passphrase
Do you know your LOGIN passphrase? [Y/n] y
INFO: Enter your LOGIN passphrase...
Passphrase: 
Error: Unwrapping passphrase and inserting into the user session keyring failed [-5]
Info: Check the system log for more information from libecryptfs
mint@mint ~ $ sudo ecryptfs-recover-private
INFO: Searching for encrypted private directories (this might take a while)...
INFO: Found [/media/mint/34e5c4fa-0621-46cb-83b0-763c2a0dc49c/home/.ecryptfs/tijmen/.Private].
Try to recover this directory? [Y/n]: y
INFO: Found your wrapped-passphrase
Do you know your LOGIN passphrase? [Y/n] n
INFO: To recover this directory, you MUST have your original MOUNT passphrase.
INFO: When you first setup your encrypted private directory, you were told to record
INFO: your MOUNT passphrase.
INFO: It should be 32 characters long, consisting of [0-9] and [a-f].

Enter your MOUNT passphrase: 
INFO: Success!  Private data mounted at [/tmp/ecryptfs.cQtlJNMc].
mint@mint ~ $
 
Old 02-23-2016, 07:23 PM   #19
Delusion of Adequacy
LQ Newbie
 
Registered: Jan 2016
Distribution: Linux Mint 17.2 Rafaela Xfce 64 bit
Posts: 24

Original Poster
Rep: Reputation: Disabled
Quote:
Originally Posted by BW-userx View Post
from this in what he said:


that is a design issue then. Because it sould not matter reguardless by what method you used to change your password, because only you or root user can do this. For it not to sync, to me, is a malfunction within the design of said distro.

I do not use encription so that is an at first glance option.
I can see why they did this; otherwise anyone with access to the computer and a little knowledge of linux could easily use root to change the password and gain access. That's the trouble with encryption: it's either convenient and user friendly, or as safe as possible. Never both.
 
Old 02-23-2016, 07:35 PM   #20
BW-userx
LQ Guru
 
Registered: Sep 2013
Location: Somewhere in my head.
Distribution: Slackware (current), FreeBSD, Win10, It varies
Posts: 9,952

Rep: Reputation: 2148Reputation: 2148Reputation: 2148Reputation: 2148Reputation: 2148Reputation: 2148Reputation: 2148Reputation: 2148Reputation: 2148Reputation: 2148Reputation: 2148
Quote:
Originally Posted by Delusion of Adequacy View Post
I can see why they did this; otherwise anyone with access to the computer and a little knowledge of linux could easily use root to change the password and gain access. That's the trouble with encryption: it's either convenient and user friendly, or as safe as possible. Never both.
yeah I too can see it with distros like mint or Ubuntututu that give a user a backdoor to root, because they do not actually give the user a front door. so the backdoor no password needed for root is what they have to use instead. because you cannot actually get rid of root

that is more a security issue then allowing a user to put a root user password in, and creating a actual root user account.

that too is another reason I stay away from distros that do not give the user a root account. It is a necessity.

one can just switch tty's and they still have to know the root passwd to get in. but them that do,are mostly the person that owns it and is acutally the root user with another user account. that is the way it should be.

then he can do as he did change passwords. being that it was an actual root account that it'd be done in. Then I wonder if that sync would have still failed? because it was not done in an passwordless root shell crap that any one can use.

Last edited by BW-userx; 02-23-2016 at 07:43 PM.
 
Old 02-23-2016, 07:40 PM   #21
Delusion of Adequacy
LQ Newbie
 
Registered: Jan 2016
Distribution: Linux Mint 17.2 Rafaela Xfce 64 bit
Posts: 24

Original Poster
Rep: Reputation: Disabled
Quote:
Originally Posted by BW-userx View Post
yeah I too can see it with distros like mint or Ubuntututu that give a user a backdoor to root, because they do not actually give the user a front door. so the backdoor no password needed for root is what they hae to use instead. because you cannot actually get rid of root

that is more a security issue then allowing a user to put a root user password in, and creating a actual root user.

that too is another reason I stay away from distros that do not give the user a root account. It is a nessessity.

one can just switch tty's and they still have to know the root passwd to get in. but the that do, mostly the person that owns it is acutally the root user with another user account. then he can do as he did change passwords. being that it was an actual root account that it'd be done in. Then I wonder if that sync would hae still failed? because it was not done in an passwordless root shell crap that any one can use.
Correct that's a major issue, which seems like it could have easily been avoided.

Anyway, the mount passphrase is a 32 character phrase made up from a-z and 0-9, so brute forcing it isn't really an option either. I'm off back to DuckDuckGo, to see what else I can find. Thanks for all your help so far
 
Old 02-23-2016, 07:51 PM   #22
BW-userx
LQ Guru
 
Registered: Sep 2013
Location: Somewhere in my head.
Distribution: Slackware (current), FreeBSD, Win10, It varies
Posts: 9,952

Rep: Reputation: 2148Reputation: 2148Reputation: 2148Reputation: 2148Reputation: 2148Reputation: 2148Reputation: 2148Reputation: 2148Reputation: 2148Reputation: 2148Reputation: 2148
Quote:
Originally Posted by Delusion of Adequacy View Post
Correct that's a major issue, which seems like it could have easily been avoided.

Anyway, the mount passphrase is a 32 character phrase made up from a-z and 0-9, so brute forcing it isn't really an option either. I'm off back to DuckDuckGo, to see what else I can find. Thanks for all your help so far
there use to be a really good website called 'hackers.com' with all kinds of useful tools hehehe
I just checked and its no longer up
 
Old 02-23-2016, 07:58 PM   #23
BW-userx
LQ Guru
 
Registered: Sep 2013
Location: Somewhere in my head.
Distribution: Slackware (current), FreeBSD, Win10, It varies
Posts: 9,952

Rep: Reputation: 2148Reputation: 2148Reputation: 2148Reputation: 2148Reputation: 2148Reputation: 2148Reputation: 2148Reputation: 2148Reputation: 2148Reputation: 2148Reputation: 2148

Hack Like a Pro: How to Crack User Passwords in a Linux System



Password Cracking Software
 
Old 02-23-2016, 08:18 PM   #24
Delusion of Adequacy
LQ Newbie
 
Registered: Jan 2016
Distribution: Linux Mint 17.2 Rafaela Xfce 64 bit
Posts: 24

Original Poster
Rep: Reputation: Disabled
hehehe, thanks for those. Unfortunately, my passwords are highly secure against attacks like those outlined in these articles. Again, it's my own security measures horribly backfiring..
 
Old 02-23-2016, 08:22 PM   #25
BW-userx
LQ Guru
 
Registered: Sep 2013
Location: Somewhere in my head.
Distribution: Slackware (current), FreeBSD, Win10, It varies
Posts: 9,952

Rep: Reputation: 2148Reputation: 2148Reputation: 2148Reputation: 2148Reputation: 2148Reputation: 2148Reputation: 2148Reputation: 2148Reputation: 2148Reputation: 2148Reputation: 2148
as you typo'ed your password then logic states it should be something relatively close to your actual password you think you used.

how many attempts you're allowed before getting locked out and if it is only a timed lockout I do not know.

you sould post a question on Stack Exchange on resyncing a encripted home directory

Last edited by BW-userx; 02-23-2016 at 08:24 PM.
 
Old 02-23-2016, 08:30 PM   #26
BW-userx
LQ Guru
 
Registered: Sep 2013
Location: Somewhere in my head.
Distribution: Slackware (current), FreeBSD, Win10, It varies
Posts: 9,952

Rep: Reputation: 2148Reputation: 2148Reputation: 2148Reputation: 2148Reputation: 2148Reputation: 2148Reputation: 2148Reputation: 2148Reputation: 2148Reputation: 2148Reputation: 2148
how to recover wrapped-passphrase????
read towards the bottom of this page I think this person recovered his wrapped-passphrase. He got his stuff back

read
post #5,and 6

I have no idea of what I am doing in how this actually works but this might help.

Last edited by BW-userx; 02-23-2016 at 08:47 PM.
 
Old 02-24-2016, 02:46 AM   #27
Delusion of Adequacy
LQ Newbie
 
Registered: Jan 2016
Distribution: Linux Mint 17.2 Rafaela Xfce 64 bit
Posts: 24

Original Poster
Rep: Reputation: Disabled
Quote:
Originally Posted by BW-userx View Post
how to recover wrapped-passphrase????
read towards the bottom of this page I think this person recovered his wrapped-passphrase. He got his stuff back

read
post #5,and 6

I have no idea of what I am doing in how this actually works but this might help.
Thanks for that. unfortunately, that approach gave no result either.
Code:
mint@mint ~ $ ecryptfs-unwrap-passphrase /media/mint/34e5c4fa-0621-46cb-83b0-763c2a0dc49c/home/.ecryptfs/tijmen/.Private/.ecryptfs/wrapped-passphrase
Passphrase: 
Error: Unwrapping passphrase failed [-13]
Info: Check the system log for more information from libecryptfs
 
Old 02-24-2016, 02:56 AM   #28
Delusion of Adequacy
LQ Newbie
 
Registered: Jan 2016
Distribution: Linux Mint 17.2 Rafaela Xfce 64 bit
Posts: 24

Original Poster
Rep: Reputation: Disabled
The below is from my syslog. This seems to happen consistently when I try to access the encrypted folder

Code:
Feb 24 00:34:49 tijmen-desktop atieventsd[2247]: ATI External Events Daemon started...
Feb 24 00:34:49 tijmen-desktop atieventsd[2247]: Event daemon control socket created
Feb 24 00:34:49 tijmen-desktop atieventsd[2247]: acpid connection established
Feb 24 00:34:49 tijmen-desktop acpid: client connected from 2247[0:0]
Feb 24 00:34:49 tijmen-desktop acpid: 1 client rule loaded
Feb 24 00:34:49 tijmen-desktop kernel: [   69.661985] init: plymouth-stop pre-start process (2306) terminated with status 1
Feb 24 00:35:10 tijmen-desktop mdm[2313]: pam_ecryptfs: Passphrase file wrapped
Feb 24 00:35:10 tijmen-desktop mdm[2313]: Incorrect wrapping key for file [/home/tijmen/.ecryptfs/wrapped-passphrase]
Feb 24 00:35:10 tijmen-desktop mdm[2313]: Error attempting to unwrap passphrase from file [/home/tijmen/.ecryptfs/wrapped-passphrase]; rc = [-5]
Feb 24 00:35:10 tijmen-desktop mdm[2313]: pam_ecryptfs: Error adding passphrase key token to user session keyring; rc = [-5]
Feb 24 00:35:10 tijmen-desktop mdm[1778]: GLib-CRITICAL: g_key_file_free: assertion 'key_file != NULL' failed
Feb 24 00:35:10 tijmen-desktop mdm[1778]: GLib-CRITICAL: g_key_file_free: assertion 'key_file != NULL' failed
Feb 24 00:35:10 tijmen-desktop mdm[1778]: GLib-CRITICAL: g_key_file_get_string: assertion 'key_file != NULL' failed
Feb 24 00:35:10 tijmen-desktop mdm[1778]: GLib-CRITICAL: g_key_file_free: assertion 'key_file != NULL' failed
Feb 24 00:35:10 tijmen-desktop mdm[1778]: WARNING: run_session_child: Could not open ~/.xsession-errors
Feb 24 00:35:10 tijmen-desktop dbus[724]: [system] Activating service name='org.freedesktop.ConsoleKit' (using servicehelper)
Feb 24 00:35:10 tijmen-desktop dbus[724]: [system] Successfully activated service 'org.freedesktop.ConsoleKit'
Feb 24 00:35:19 tijmen-desktop mdm[2713]: Gtk-WARNING: Ignoring the separator setting
 
Old 02-25-2016, 08:49 AM   #29
BW-userx
LQ Guru
 
Registered: Sep 2013
Location: Somewhere in my head.
Distribution: Slackware (current), FreeBSD, Win10, It varies
Posts: 9,952

Rep: Reputation: 2148Reputation: 2148Reputation: 2148Reputation: 2148Reputation: 2148Reputation: 2148Reputation: 2148Reputation: 2148Reputation: 2148Reputation: 2148Reputation: 2148
Quote:
Originally Posted by Delusion of Adequacy View Post
The below is from my syslog. This seems to happen consistently when I try to access the encrypted folder

Code:
Feb 24 00:34:49 tijmen-desktop atieventsd[2247]: ATI External Events Daemon started...
Feb 24 00:34:49 tijmen-desktop atieventsd[2247]: Event daemon control socket created
Feb 24 00:34:49 tijmen-desktop atieventsd[2247]: acpid connection established
Feb 24 00:34:49 tijmen-desktop acpid: client connected from 2247[0:0]
Feb 24 00:34:49 tijmen-desktop acpid: 1 client rule loaded
Feb 24 00:34:49 tijmen-desktop kernel: [   69.661985] init: plymouth-stop pre-start process (2306) terminated with status 1
Feb 24 00:35:10 tijmen-desktop mdm[2313]: pam_ecryptfs: Passphrase file wrapped



Feb 24 00:35:10 tijmen-desktop mdm[2313]: Incorrect wrapping key for file [/home/tijmen/.ecryptfs/wrapped-passphrase]
either the correct key got screwed up somehow or you're using the wrong key... that is what I'd access from that information. Then I'd attept the proper actions that would hopefully remove said error.

Last edited by BW-userx; 02-25-2016 at 08:50 AM.
 
  


Reply

Tags
login, mint, startup, xsession


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off



Similar Threads
Thread Thread Starter Forum Replies Last Post
Linux Mint 17.1 manual username login cquint Linux - Desktop 2 03-20-2015 08:00 PM
I made a mistake changing my /home/username/pubIic_html/ ownership to username:user Sionek2u Linux - Newbie 5 06-20-2012 10:30 AM
create a shortcut in /home/username/Desktop but not still not appear on desktop! swgiant Linux - Newbie 1 09-27-2008 11:51 AM
error: failed to stat /home/username/.gvfs: Permission denied ? Shadowmeph Linux - General 2 09-22-2008 05:07 PM

LinuxQuestions.org > Forums > Linux Forums > Linux - Software

All times are GMT -5. The time now is 03:17 PM.

Main Menu
Advertisement
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
Open Source Consulting | Domain Registration