Can I view the password of a mounted encrypted volume?

The name of the pictureThe name of the pictureThe name of the pictureClash Royale CLAN TAG#URR8PPP











up vote
12
down vote

favorite
1












First: yes, this was stupid, I know



A couple weeks ago I set up a new Ubuntu 18.04 machine, and included full disk encryption. It's been running since then, just locked at night. Today I was about to reboot it to update some software, and realized I wasn't entirely certain what the boot password is. (Well, at first I was certain I didn't remember it, but now I think I've remembered it.) Still, I'd like to be sure before I reboot.



I saw a post that said that ecryptfs-unwrap-passphrase should get me the information, but running it (with or without sudo) gets me a stat: no such file or directory error. I've found a video that shows me how to extract the master key and add a new passphrase, but I worry I'll screw something up and have to start over anyway.



Any help?




boot password encryption luks




share|improve this question




















  • What is the output of lsblk /dev/sda? change /dev/sda with your primary drive which Ubuntu is installed on.
    – Ravexina
    Aug 14 at 1:55






  • 1




    You mentioned you found a video, but see also: unix.stackexchange.com/a/161920/4358 . While this provides instructions on setting a new password, it also tells you how to obtain the master key.
    – Patrick
    Aug 14 at 12:18















up vote
12
down vote

favorite
1












First: yes, this was stupid, I know



A couple weeks ago I set up a new Ubuntu 18.04 machine, and included full disk encryption. It's been running since then, just locked at night. Today I was about to reboot it to update some software, and realized I wasn't entirely certain what the boot password is. (Well, at first I was certain I didn't remember it, but now I think I've remembered it.) Still, I'd like to be sure before I reboot.



I saw a post that said that ecryptfs-unwrap-passphrase should get me the information, but running it (with or without sudo) gets me a stat: no such file or directory error. I've found a video that shows me how to extract the master key and add a new passphrase, but I worry I'll screw something up and have to start over anyway.



Any help?




boot password encryption luks




share|improve this question




















  • What is the output of lsblk /dev/sda? change /dev/sda with your primary drive which Ubuntu is installed on.
    – Ravexina
    Aug 14 at 1:55






  • 1




    You mentioned you found a video, but see also: unix.stackexchange.com/a/161920/4358 . While this provides instructions on setting a new password, it also tells you how to obtain the master key.
    – Patrick
    Aug 14 at 12:18













up vote
12
down vote

favorite
1









up vote
12
down vote

favorite
1






1





First: yes, this was stupid, I know



A couple weeks ago I set up a new Ubuntu 18.04 machine, and included full disk encryption. It's been running since then, just locked at night. Today I was about to reboot it to update some software, and realized I wasn't entirely certain what the boot password is. (Well, at first I was certain I didn't remember it, but now I think I've remembered it.) Still, I'd like to be sure before I reboot.



I saw a post that said that ecryptfs-unwrap-passphrase should get me the information, but running it (with or without sudo) gets me a stat: no such file or directory error. I've found a video that shows me how to extract the master key and add a new passphrase, but I worry I'll screw something up and have to start over anyway.



Any help?




boot password encryption luks




share|improve this question












First: yes, this was stupid, I know



A couple weeks ago I set up a new Ubuntu 18.04 machine, and included full disk encryption. It's been running since then, just locked at night. Today I was about to reboot it to update some software, and realized I wasn't entirely certain what the boot password is. (Well, at first I was certain I didn't remember it, but now I think I've remembered it.) Still, I'd like to be sure before I reboot.



I saw a post that said that ecryptfs-unwrap-passphrase should get me the information, but running it (with or without sudo) gets me a stat: no such file or directory error. I've found a video that shows me how to extract the master key and add a new passphrase, but I worry I'll screw something up and have to start over anyway.



Any help?





boot password encryption luks





share|improve this question











share|improve this question




share|improve this question










asked Aug 14 at 1:40









jbhelfrich

9817




9817











  • What is the output of lsblk /dev/sda? change /dev/sda with your primary drive which Ubuntu is installed on.
    – Ravexina
    Aug 14 at 1:55






  • 1




    You mentioned you found a video, but see also: unix.stackexchange.com/a/161920/4358 . While this provides instructions on setting a new password, it also tells you how to obtain the master key.
    – Patrick
    Aug 14 at 12:18

















  • What is the output of lsblk /dev/sda? change /dev/sda with your primary drive which Ubuntu is installed on.
    – Ravexina
    Aug 14 at 1:55






  • 1




    You mentioned you found a video, but see also: unix.stackexchange.com/a/161920/4358 . While this provides instructions on setting a new password, it also tells you how to obtain the master key.
    – Patrick
    Aug 14 at 12:18
















What is the output of lsblk /dev/sda? change /dev/sda with your primary drive which Ubuntu is installed on.
– Ravexina
Aug 14 at 1:55




What is the output of lsblk /dev/sda? change /dev/sda with your primary drive which Ubuntu is installed on.
– Ravexina
Aug 14 at 1:55




1




1




You mentioned you found a video, but see also: unix.stackexchange.com/a/161920/4358 . While this provides instructions on setting a new password, it also tells you how to obtain the master key.
– Patrick
Aug 14 at 12:18





You mentioned you found a video, but see also: unix.stackexchange.com/a/161920/4358 . While this provides instructions on setting a new password, it also tells you how to obtain the master key.
– Patrick
Aug 14 at 12:18











1 Answer
1






active

oldest

votes

















up vote
21
down vote



accepted










Full disk encryption uses cryptsetup to manage LUKS encrypted devices and not ecryptfs and ecryptfs-unwrap-passphrase is a part of ecryptfs-utils which I guess is not installed on your system and has nothing to do with your setup and encrypted volume.



The answer to your question is: No you can not see the passphrase of an encrypted LUKS volume.



What I suggest is using:



sudo cryptsetup open /dev/sdXY new_mapper


which /dev/sdXY is your encrypted partition, it will ask for your user password (sudo) and then for the passphrase. try different possible passphrases to find the correct one.



If your passphrase was wrong you will get an error:



No key available with this passphrase


otherwise (if it was correct) an message will show up complaining that device is already in use. then you are good to go and safe to reboot knowing what your passphrase is.






share|improve this answer
















  • 6




    If anyone lands here and doesn't know what to substitute for /dev/sdXY, you can run this command. cat /etc/crypttab | cut -f2 | grep -oiP "[0-9a-z]+-[0-9a-z-]+" | while read line; do ls -l /dev/disk/by-uuid/ | grep $line | awk 'print "/dev/disk/by-uuid/"$11' | xargs readlink -f ;done. It will spit out the paths for all devices referred to in /etc/crypttab.
    – b_laoshi
    Aug 14 at 2:21







  • 1




    What about grep -Poi "(?<=UUID=).*?(?=s)" /etc/crypttab | xargs -IL readlink -f /dev/disk/by-uuid/L
    – Ravexina
    Aug 14 at 7:26










Your Answer







StackExchange.ready(function()
var channelOptions =
tags: "".split(" "),
id: "89"
;
initTagRenderer("".split(" "), "".split(" "), channelOptions);

StackExchange.using("externalEditor", function()
// Have to fire editor after snippets, if snippets enabled
if (StackExchange.settings.snippets.snippetsEnabled)
StackExchange.using("snippets", function()
createEditor();
);

else
createEditor();

);

function createEditor()
StackExchange.prepareEditor(
heartbeatType: 'answer',
convertImagesToLinks: true,
noModals: false,
showLowRepImageUploadWarning: true,
reputationToPostImages: 10,
bindNavPrevention: true,
postfix: "",
onDemand: true,
discardSelector: ".discard-answer"
,immediatelyShowMarkdownHelp:true
);



);













 

draft saved


draft discarded


















StackExchange.ready(
function ()
StackExchange.openid.initPostLogin('.new-post-login', 'https%3a%2f%2faskubuntu.com%2fquestions%2f1065142%2fcan-i-view-the-password-of-a-mounted-encrypted-volume%23new-answer', 'question_page');

);

Post as a guest

















1 Answer
1






active

oldest

votes








1 Answer
1






active

oldest

votes









active

oldest

votes






active

oldest

votes








up vote
21
down vote



accepted










Full disk encryption uses cryptsetup to manage LUKS encrypted devices and not ecryptfs and ecryptfs-unwrap-passphrase is a part of ecryptfs-utils which I guess is not installed on your system and has nothing to do with your setup and encrypted volume.



The answer to your question is: No you can not see the passphrase of an encrypted LUKS volume.



What I suggest is using:



sudo cryptsetup open /dev/sdXY new_mapper


which /dev/sdXY is your encrypted partition, it will ask for your user password (sudo) and then for the passphrase. try different possible passphrases to find the correct one.



If your passphrase was wrong you will get an error:



No key available with this passphrase


otherwise (if it was correct) an message will show up complaining that device is already in use. then you are good to go and safe to reboot knowing what your passphrase is.






share|improve this answer
















  • 6




    If anyone lands here and doesn't know what to substitute for /dev/sdXY, you can run this command. cat /etc/crypttab | cut -f2 | grep -oiP "[0-9a-z]+-[0-9a-z-]+" | while read line; do ls -l /dev/disk/by-uuid/ | grep $line | awk 'print "/dev/disk/by-uuid/"$11' | xargs readlink -f ;done. It will spit out the paths for all devices referred to in /etc/crypttab.
    – b_laoshi
    Aug 14 at 2:21







  • 1




    What about grep -Poi "(?<=UUID=).*?(?=s)" /etc/crypttab | xargs -IL readlink -f /dev/disk/by-uuid/L
    – Ravexina
    Aug 14 at 7:26














up vote
21
down vote



accepted










Full disk encryption uses cryptsetup to manage LUKS encrypted devices and not ecryptfs and ecryptfs-unwrap-passphrase is a part of ecryptfs-utils which I guess is not installed on your system and has nothing to do with your setup and encrypted volume.



The answer to your question is: No you can not see the passphrase of an encrypted LUKS volume.



What I suggest is using:



sudo cryptsetup open /dev/sdXY new_mapper


which /dev/sdXY is your encrypted partition, it will ask for your user password (sudo) and then for the passphrase. try different possible passphrases to find the correct one.



If your passphrase was wrong you will get an error:



No key available with this passphrase


otherwise (if it was correct) an message will show up complaining that device is already in use. then you are good to go and safe to reboot knowing what your passphrase is.






share|improve this answer
















  • 6




    If anyone lands here and doesn't know what to substitute for /dev/sdXY, you can run this command. cat /etc/crypttab | cut -f2 | grep -oiP "[0-9a-z]+-[0-9a-z-]+" | while read line; do ls -l /dev/disk/by-uuid/ | grep $line | awk 'print "/dev/disk/by-uuid/"$11' | xargs readlink -f ;done. It will spit out the paths for all devices referred to in /etc/crypttab.
    – b_laoshi
    Aug 14 at 2:21







  • 1




    What about grep -Poi "(?<=UUID=).*?(?=s)" /etc/crypttab | xargs -IL readlink -f /dev/disk/by-uuid/L
    – Ravexina
    Aug 14 at 7:26












up vote
21
down vote



accepted







up vote
21
down vote



accepted






Full disk encryption uses cryptsetup to manage LUKS encrypted devices and not ecryptfs and ecryptfs-unwrap-passphrase is a part of ecryptfs-utils which I guess is not installed on your system and has nothing to do with your setup and encrypted volume.



The answer to your question is: No you can not see the passphrase of an encrypted LUKS volume.



What I suggest is using:



sudo cryptsetup open /dev/sdXY new_mapper


which /dev/sdXY is your encrypted partition, it will ask for your user password (sudo) and then for the passphrase. try different possible passphrases to find the correct one.



If your passphrase was wrong you will get an error:



No key available with this passphrase


otherwise (if it was correct) an message will show up complaining that device is already in use. then you are good to go and safe to reboot knowing what your passphrase is.






share|improve this answer












Full disk encryption uses cryptsetup to manage LUKS encrypted devices and not ecryptfs and ecryptfs-unwrap-passphrase is a part of ecryptfs-utils which I guess is not installed on your system and has nothing to do with your setup and encrypted volume.



The answer to your question is: No you can not see the passphrase of an encrypted LUKS volume.



What I suggest is using:



sudo cryptsetup open /dev/sdXY new_mapper


which /dev/sdXY is your encrypted partition, it will ask for your user password (sudo) and then for the passphrase. try different possible passphrases to find the correct one.



If your passphrase was wrong you will get an error:



No key available with this passphrase


otherwise (if it was correct) an message will show up complaining that device is already in use. then you are good to go and safe to reboot knowing what your passphrase is.







share|improve this answer












share|improve this answer



share|improve this answer










answered Aug 14 at 2:09









Ravexina

26.8k146492




26.8k146492







  • 6




    If anyone lands here and doesn't know what to substitute for /dev/sdXY, you can run this command. cat /etc/crypttab | cut -f2 | grep -oiP "[0-9a-z]+-[0-9a-z-]+" | while read line; do ls -l /dev/disk/by-uuid/ | grep $line | awk 'print "/dev/disk/by-uuid/"$11' | xargs readlink -f ;done. It will spit out the paths for all devices referred to in /etc/crypttab.
    – b_laoshi
    Aug 14 at 2:21







  • 1




    What about grep -Poi "(?<=UUID=).*?(?=s)" /etc/crypttab | xargs -IL readlink -f /dev/disk/by-uuid/L
    – Ravexina
    Aug 14 at 7:26












  • 6




    If anyone lands here and doesn't know what to substitute for /dev/sdXY, you can run this command. cat /etc/crypttab | cut -f2 | grep -oiP "[0-9a-z]+-[0-9a-z-]+" | while read line; do ls -l /dev/disk/by-uuid/ | grep $line | awk 'print "/dev/disk/by-uuid/"$11' | xargs readlink -f ;done. It will spit out the paths for all devices referred to in /etc/crypttab.
    – b_laoshi
    Aug 14 at 2:21







  • 1




    What about grep -Poi "(?<=UUID=).*?(?=s)" /etc/crypttab | xargs -IL readlink -f /dev/disk/by-uuid/L
    – Ravexina
    Aug 14 at 7:26







6




6




If anyone lands here and doesn't know what to substitute for /dev/sdXY, you can run this command. cat /etc/crypttab | cut -f2 | grep -oiP "[0-9a-z]+-[0-9a-z-]+" | while read line; do ls -l /dev/disk/by-uuid/ | grep $line | awk 'print "/dev/disk/by-uuid/"$11' | xargs readlink -f ;done. It will spit out the paths for all devices referred to in /etc/crypttab.
– b_laoshi
Aug 14 at 2:21





If anyone lands here and doesn't know what to substitute for /dev/sdXY, you can run this command. cat /etc/crypttab | cut -f2 | grep -oiP "[0-9a-z]+-[0-9a-z-]+" | while read line; do ls -l /dev/disk/by-uuid/ | grep $line | awk 'print "/dev/disk/by-uuid/"$11' | xargs readlink -f ;done. It will spit out the paths for all devices referred to in /etc/crypttab.
– b_laoshi
Aug 14 at 2:21





1




1




What about grep -Poi "(?<=UUID=).*?(?=s)" /etc/crypttab | xargs -IL readlink -f /dev/disk/by-uuid/L
– Ravexina
Aug 14 at 7:26




What about grep -Poi "(?<=UUID=).*?(?=s)" /etc/crypttab | xargs -IL readlink -f /dev/disk/by-uuid/L
– Ravexina
Aug 14 at 7:26

















 

draft saved


draft discarded















































 


draft saved


draft discarded














StackExchange.ready(
function ()
StackExchange.openid.initPostLogin('.new-post-login', 'https%3a%2f%2faskubuntu.com%2fquestions%2f1065142%2fcan-i-view-the-password-of-a-mounted-encrypted-volume%23new-answer', 'question_page');

);

Post as a guest
































































Comments

Post a Comment

Popular posts from this blog

Long meetings (6-7 hours a day): Being “babysat” by supervisor

Image
Clash Royale CLAN TAG #URR8PPP .everyoneloves__top-leaderboard:empty,.everyoneloves__mid-leaderboard:empty margin-bottom:0; up vote 31 down vote favorite 4 I hold a PhD in mechanical engineering with a 7 year background in self-guided, self-paced research including 2 years as a graduate level course instructor and a subject matter expert for various engineering projects in a university setting in the United States. For the last 10-11 months, I am working in a research industry in France where my task is to debug C++ spaghetti code written over a period of several years by my current supervisor. It is a team of 2: just I and my supervisor. Diurnally, I am posed with a "bug of the day" to get out of this C++ code. My supervisor generally gives me about 15-30 minutes to solve it and then accosts me about whether or not the task is completed and then rinses and repeats this until the end of the day. Off-late, my supervisor has been holding 6-7 hour long "meetin
Read more

Is the Concept of Multiple Fantasy Races Scientifically Flawed? [closed]

Image
Clash Royale CLAN TAG #URR8PPP up vote 2 down vote favorite Many fantasy worlds have multiple humanoid species (elves, orcs, humans, etc) living in the same world, in addition to that, they often have the ability to interbreed. And I can't help but question their believability... fantasy-races reproduction interspecies-relations share | improve this question edited Aug 9 at 14:46 Michael Kjörling ♦ 21.1k 10 85 161 asked Aug 9 at 13:13 Chlodio 118 6 closed as unclear what you're asking by MichaelK, Gryphon, John, Vincent, Frostfyre Aug 9 at 15:25 Please clarify your specific problem or add additional details to highlight exactly what you need. As it's currently written, it’s hard to tell exactly what you're asking. See the How to Ask page for help clarifying this question. If this question can be reworded to fit the rules in the help center, please edit the question. 3 Stack Exchange exist to
Read more

Confectionery

Image
Prepared foods made with a lot of sugar or other cabohydrates "Sweetmeat" redirects here. For the racehorse, see Sweetmeat (horse). Not to be confused with Sweetbread. This Kransekake is a traditional Scandinavian baker's confection. Confectionery is the art of making confections , which are food items that are rich in sugar and carbohydrates. Exact definitions are difficult. [1] In general, though, confectionery is divided into two broad and somewhat overlapping categories, bakers' confections and sugar confections. [2] Bakers' confectionery, also called flour confections , includes principally sweet pastries, cakes, and similar baked goods. Sugar confectionery includes candies ( sweets in British English), candied nuts, chocolates, chewing gum, bubble gum, pastillage, and other confections that are made primarily of sugar. In some cases, chocolate confections (confections made of chocolate) are treated as a separate category, as are sugar-free versions of
Read more