Can I view the password of a mounted encrypted volume?
Clash Royale CLAN TAG#URR8PPP
up vote
12
down vote
favorite
First: yes, this was stupid, I know
A couple weeks ago I set up a new Ubuntu 18.04 machine, and included full disk encryption. It's been running since then, just locked at night. Today I was about to reboot it to update some software, and realized I wasn't entirely certain what the boot password is. (Well, at first I was certain I didn't remember it, but now I think I've remembered it.) Still, I'd like to be sure before I reboot.
I saw a post that said that ecryptfs-unwrap-passphrase
should get me the information, but running it (with or without sudo) gets me a stat: no such file or directory
error. I've found a video that shows me how to extract the master key and add a new passphrase, but I worry I'll screw something up and have to start over anyway.
Any help?
boot password encryption luks
add a comment |Â
up vote
12
down vote
favorite
First: yes, this was stupid, I know
A couple weeks ago I set up a new Ubuntu 18.04 machine, and included full disk encryption. It's been running since then, just locked at night. Today I was about to reboot it to update some software, and realized I wasn't entirely certain what the boot password is. (Well, at first I was certain I didn't remember it, but now I think I've remembered it.) Still, I'd like to be sure before I reboot.
I saw a post that said that ecryptfs-unwrap-passphrase
should get me the information, but running it (with or without sudo) gets me a stat: no such file or directory
error. I've found a video that shows me how to extract the master key and add a new passphrase, but I worry I'll screw something up and have to start over anyway.
Any help?
boot password encryption luks
What is the output oflsblk /dev/sda
? change/dev/sda
with your primary drive which Ubuntu is installed on.
â Ravexina
Aug 14 at 1:55
1
You mentioned you found a video, but see also: unix.stackexchange.com/a/161920/4358 . While this provides instructions on setting a new password, it also tells you how to obtain the master key.
â Patrick
Aug 14 at 12:18
add a comment |Â
up vote
12
down vote
favorite
up vote
12
down vote
favorite
First: yes, this was stupid, I know
A couple weeks ago I set up a new Ubuntu 18.04 machine, and included full disk encryption. It's been running since then, just locked at night. Today I was about to reboot it to update some software, and realized I wasn't entirely certain what the boot password is. (Well, at first I was certain I didn't remember it, but now I think I've remembered it.) Still, I'd like to be sure before I reboot.
I saw a post that said that ecryptfs-unwrap-passphrase
should get me the information, but running it (with or without sudo) gets me a stat: no such file or directory
error. I've found a video that shows me how to extract the master key and add a new passphrase, but I worry I'll screw something up and have to start over anyway.
Any help?
boot password encryption luks
First: yes, this was stupid, I know
A couple weeks ago I set up a new Ubuntu 18.04 machine, and included full disk encryption. It's been running since then, just locked at night. Today I was about to reboot it to update some software, and realized I wasn't entirely certain what the boot password is. (Well, at first I was certain I didn't remember it, but now I think I've remembered it.) Still, I'd like to be sure before I reboot.
I saw a post that said that ecryptfs-unwrap-passphrase
should get me the information, but running it (with or without sudo) gets me a stat: no such file or directory
error. I've found a video that shows me how to extract the master key and add a new passphrase, but I worry I'll screw something up and have to start over anyway.
Any help?
boot password encryption luks
asked Aug 14 at 1:40
jbhelfrich
9817
9817
What is the output oflsblk /dev/sda
? change/dev/sda
with your primary drive which Ubuntu is installed on.
â Ravexina
Aug 14 at 1:55
1
You mentioned you found a video, but see also: unix.stackexchange.com/a/161920/4358 . While this provides instructions on setting a new password, it also tells you how to obtain the master key.
â Patrick
Aug 14 at 12:18
add a comment |Â
What is the output oflsblk /dev/sda
? change/dev/sda
with your primary drive which Ubuntu is installed on.
â Ravexina
Aug 14 at 1:55
1
You mentioned you found a video, but see also: unix.stackexchange.com/a/161920/4358 . While this provides instructions on setting a new password, it also tells you how to obtain the master key.
â Patrick
Aug 14 at 12:18
What is the output of
lsblk /dev/sda
? change /dev/sda
with your primary drive which Ubuntu is installed on.â Ravexina
Aug 14 at 1:55
What is the output of
lsblk /dev/sda
? change /dev/sda
with your primary drive which Ubuntu is installed on.â Ravexina
Aug 14 at 1:55
1
1
You mentioned you found a video, but see also: unix.stackexchange.com/a/161920/4358 . While this provides instructions on setting a new password, it also tells you how to obtain the master key.
â Patrick
Aug 14 at 12:18
You mentioned you found a video, but see also: unix.stackexchange.com/a/161920/4358 . While this provides instructions on setting a new password, it also tells you how to obtain the master key.
â Patrick
Aug 14 at 12:18
add a comment |Â
1 Answer
1
active
oldest
votes
up vote
21
down vote
accepted
Full disk encryption uses cryptsetup
to manage LUKS encrypted devices and not ecryptfs
and ecryptfs-unwrap-passphrase
is a part of ecryptfs-utils
which I guess is not installed on your system and has nothing to do with your setup and encrypted volume.
The answer to your question is: No you can not see the passphrase of an encrypted LUKS volume.
What I suggest is using:
sudo cryptsetup open /dev/sdXY new_mapper
which /dev/sdXY
is your encrypted partition, it will ask for your user password (sudo) and then for the passphrase. try different possible passphrases to find the correct one.
If your passphrase was wrong you will get an error:
No key available with this passphrase
otherwise (if it was correct) an message will show up complaining that device is already in use. then you are good to go and safe to reboot knowing what your passphrase is.
6
If anyone lands here and doesn't know what to substitute for/dev/sdXY
, you can run this command.cat /etc/crypttab | cut -f2 | grep -oiP "[0-9a-z]+-[0-9a-z-]+" | while read line; do ls -l /dev/disk/by-uuid/ | grep $line | awk 'print "/dev/disk/by-uuid/"$11' | xargs readlink -f ;done
. It will spit out the paths for all devices referred to in /etc/crypttab.
â b_laoshi
Aug 14 at 2:21
1
What aboutgrep -Poi "(?<=UUID=).*?(?=s)" /etc/crypttab | xargs -IL readlink -f /dev/disk/by-uuid/L
â Ravexina
Aug 14 at 7:26
add a comment |Â
1 Answer
1
active
oldest
votes
1 Answer
1
active
oldest
votes
active
oldest
votes
active
oldest
votes
up vote
21
down vote
accepted
Full disk encryption uses cryptsetup
to manage LUKS encrypted devices and not ecryptfs
and ecryptfs-unwrap-passphrase
is a part of ecryptfs-utils
which I guess is not installed on your system and has nothing to do with your setup and encrypted volume.
The answer to your question is: No you can not see the passphrase of an encrypted LUKS volume.
What I suggest is using:
sudo cryptsetup open /dev/sdXY new_mapper
which /dev/sdXY
is your encrypted partition, it will ask for your user password (sudo) and then for the passphrase. try different possible passphrases to find the correct one.
If your passphrase was wrong you will get an error:
No key available with this passphrase
otherwise (if it was correct) an message will show up complaining that device is already in use. then you are good to go and safe to reboot knowing what your passphrase is.
6
If anyone lands here and doesn't know what to substitute for/dev/sdXY
, you can run this command.cat /etc/crypttab | cut -f2 | grep -oiP "[0-9a-z]+-[0-9a-z-]+" | while read line; do ls -l /dev/disk/by-uuid/ | grep $line | awk 'print "/dev/disk/by-uuid/"$11' | xargs readlink -f ;done
. It will spit out the paths for all devices referred to in /etc/crypttab.
â b_laoshi
Aug 14 at 2:21
1
What aboutgrep -Poi "(?<=UUID=).*?(?=s)" /etc/crypttab | xargs -IL readlink -f /dev/disk/by-uuid/L
â Ravexina
Aug 14 at 7:26
add a comment |Â
up vote
21
down vote
accepted
Full disk encryption uses cryptsetup
to manage LUKS encrypted devices and not ecryptfs
and ecryptfs-unwrap-passphrase
is a part of ecryptfs-utils
which I guess is not installed on your system and has nothing to do with your setup and encrypted volume.
The answer to your question is: No you can not see the passphrase of an encrypted LUKS volume.
What I suggest is using:
sudo cryptsetup open /dev/sdXY new_mapper
which /dev/sdXY
is your encrypted partition, it will ask for your user password (sudo) and then for the passphrase. try different possible passphrases to find the correct one.
If your passphrase was wrong you will get an error:
No key available with this passphrase
otherwise (if it was correct) an message will show up complaining that device is already in use. then you are good to go and safe to reboot knowing what your passphrase is.
6
If anyone lands here and doesn't know what to substitute for/dev/sdXY
, you can run this command.cat /etc/crypttab | cut -f2 | grep -oiP "[0-9a-z]+-[0-9a-z-]+" | while read line; do ls -l /dev/disk/by-uuid/ | grep $line | awk 'print "/dev/disk/by-uuid/"$11' | xargs readlink -f ;done
. It will spit out the paths for all devices referred to in /etc/crypttab.
â b_laoshi
Aug 14 at 2:21
1
What aboutgrep -Poi "(?<=UUID=).*?(?=s)" /etc/crypttab | xargs -IL readlink -f /dev/disk/by-uuid/L
â Ravexina
Aug 14 at 7:26
add a comment |Â
up vote
21
down vote
accepted
up vote
21
down vote
accepted
Full disk encryption uses cryptsetup
to manage LUKS encrypted devices and not ecryptfs
and ecryptfs-unwrap-passphrase
is a part of ecryptfs-utils
which I guess is not installed on your system and has nothing to do with your setup and encrypted volume.
The answer to your question is: No you can not see the passphrase of an encrypted LUKS volume.
What I suggest is using:
sudo cryptsetup open /dev/sdXY new_mapper
which /dev/sdXY
is your encrypted partition, it will ask for your user password (sudo) and then for the passphrase. try different possible passphrases to find the correct one.
If your passphrase was wrong you will get an error:
No key available with this passphrase
otherwise (if it was correct) an message will show up complaining that device is already in use. then you are good to go and safe to reboot knowing what your passphrase is.
Full disk encryption uses cryptsetup
to manage LUKS encrypted devices and not ecryptfs
and ecryptfs-unwrap-passphrase
is a part of ecryptfs-utils
which I guess is not installed on your system and has nothing to do with your setup and encrypted volume.
The answer to your question is: No you can not see the passphrase of an encrypted LUKS volume.
What I suggest is using:
sudo cryptsetup open /dev/sdXY new_mapper
which /dev/sdXY
is your encrypted partition, it will ask for your user password (sudo) and then for the passphrase. try different possible passphrases to find the correct one.
If your passphrase was wrong you will get an error:
No key available with this passphrase
otherwise (if it was correct) an message will show up complaining that device is already in use. then you are good to go and safe to reboot knowing what your passphrase is.
answered Aug 14 at 2:09
Ravexina
26.8k146492
26.8k146492
6
If anyone lands here and doesn't know what to substitute for/dev/sdXY
, you can run this command.cat /etc/crypttab | cut -f2 | grep -oiP "[0-9a-z]+-[0-9a-z-]+" | while read line; do ls -l /dev/disk/by-uuid/ | grep $line | awk 'print "/dev/disk/by-uuid/"$11' | xargs readlink -f ;done
. It will spit out the paths for all devices referred to in /etc/crypttab.
â b_laoshi
Aug 14 at 2:21
1
What aboutgrep -Poi "(?<=UUID=).*?(?=s)" /etc/crypttab | xargs -IL readlink -f /dev/disk/by-uuid/L
â Ravexina
Aug 14 at 7:26
add a comment |Â
6
If anyone lands here and doesn't know what to substitute for/dev/sdXY
, you can run this command.cat /etc/crypttab | cut -f2 | grep -oiP "[0-9a-z]+-[0-9a-z-]+" | while read line; do ls -l /dev/disk/by-uuid/ | grep $line | awk 'print "/dev/disk/by-uuid/"$11' | xargs readlink -f ;done
. It will spit out the paths for all devices referred to in /etc/crypttab.
â b_laoshi
Aug 14 at 2:21
1
What aboutgrep -Poi "(?<=UUID=).*?(?=s)" /etc/crypttab | xargs -IL readlink -f /dev/disk/by-uuid/L
â Ravexina
Aug 14 at 7:26
6
6
If anyone lands here and doesn't know what to substitute for
/dev/sdXY
, you can run this command. cat /etc/crypttab | cut -f2 | grep -oiP "[0-9a-z]+-[0-9a-z-]+" | while read line; do ls -l /dev/disk/by-uuid/ | grep $line | awk 'print "/dev/disk/by-uuid/"$11' | xargs readlink -f ;done
. It will spit out the paths for all devices referred to in /etc/crypttab.â b_laoshi
Aug 14 at 2:21
If anyone lands here and doesn't know what to substitute for
/dev/sdXY
, you can run this command. cat /etc/crypttab | cut -f2 | grep -oiP "[0-9a-z]+-[0-9a-z-]+" | while read line; do ls -l /dev/disk/by-uuid/ | grep $line | awk 'print "/dev/disk/by-uuid/"$11' | xargs readlink -f ;done
. It will spit out the paths for all devices referred to in /etc/crypttab.â b_laoshi
Aug 14 at 2:21
1
1
What about
grep -Poi "(?<=UUID=).*?(?=s)" /etc/crypttab | xargs -IL readlink -f /dev/disk/by-uuid/L
â Ravexina
Aug 14 at 7:26
What about
grep -Poi "(?<=UUID=).*?(?=s)" /etc/crypttab | xargs -IL readlink -f /dev/disk/by-uuid/L
â Ravexina
Aug 14 at 7:26
add a comment |Â
Sign up or log in
StackExchange.ready(function ()
StackExchange.helpers.onClickDraftSave('#login-link');
);
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Post as a guest
StackExchange.ready(
function ()
StackExchange.openid.initPostLogin('.new-post-login', 'https%3a%2f%2faskubuntu.com%2fquestions%2f1065142%2fcan-i-view-the-password-of-a-mounted-encrypted-volume%23new-answer', 'question_page');
);
Post as a guest
Sign up or log in
StackExchange.ready(function ()
StackExchange.helpers.onClickDraftSave('#login-link');
);
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Post as a guest
Sign up or log in
StackExchange.ready(function ()
StackExchange.helpers.onClickDraftSave('#login-link');
);
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Post as a guest
Sign up or log in
StackExchange.ready(function ()
StackExchange.helpers.onClickDraftSave('#login-link');
);
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
What is the output of
lsblk /dev/sda
? change/dev/sda
with your primary drive which Ubuntu is installed on.â Ravexina
Aug 14 at 1:55
1
You mentioned you found a video, but see also: unix.stackexchange.com/a/161920/4358 . While this provides instructions on setting a new password, it also tells you how to obtain the master key.
â Patrick
Aug 14 at 12:18