如果在挂载加密目录时无法在用户的内核密钥环中找到密码,则 Ecryptfs 不会提供有用的错误。
解决方案是显示一条错误,提示“无法执行 eCryptfs 挂载,未找到存储的密码:[-32]”
ecryptfs 在系统日志中报告的错误如下:
mount.ecryptfs: Failed to perform eCryptfs mount: [-32]
在控制台输出中:
mount: mount(2) failed: No such file or directory
Error mounting eCryptfs: [-1] Operation not permitted
以下是控制台输出:
eric@skylab:~$ sudo ./mount.sh
Unable to find a list of options to parse, defaulting to interactive mount
Passphrase:
Select cipher:
1) aes: blocksize = 16; min keysize = 16; max keysize = 32
2) blowfish: blocksize = 8; min keysize = 16; max keysize = 56
3) des3_ede: blocksize = 8; min keysize = 24; max keysize = 24
4) twofish: blocksize = 16; min keysize = 16; max keysize = 32
5) cast6: blocksize = 16; min keysize = 16; max keysize = 32
6) cast5: blocksize = 8; min keysize = 5; max keysize = 16
Selection [aes]:
Select key bytes:
1) 16
2) 32
3) 24
Selection [16]:
Enable plaintext passthrough (y/n) [n]:
Enable filename encryption (y/n) [n]: y
Filename Encryption Key (FNEK) Signature [d395309aaad4de06]: be877764c5918621
Unable to find a list of options to parse, defaulting to interactive mount
Attempting to mount with the following options:
ecryptfs_unlink_sigs
ecryptfs_fnek_sig=be877764c5918621
ecryptfs_key_bytes=16
ecryptfs_cipher=aes
ecryptfs_sig=d395309aaad4de06
mount: mount(2) failed: No such file or directory
Error mounting eCryptfs: [-1] Operation not permitted
Check your system logs; visit <http://ecryptfs.org/support.html>
答案1
使用文件名加密密钥运行 ecryptfs add passphrase 命令(如果您要加密文件名)
ecryptfs-add-passphrase --fnek
答案2
这是一个常见的错误,当你要挂载旧的主目录,但实际上没有成功挂载当前用户的加密主目录(如果新旧用户名相同)。
/home/<user>/.Private
是符号链接至/home/.ecryptfs/<user>/.Private
。在新系统上,它指向您当前的主目录,而不是您可能尝试挂载的旧主目录。
因此,请注意安装.ecryptfs/<user>/.Private
,而不仅仅是<user>/.Private
。