can't boot, encrypted drive - how to recover data ?

All Gurus once were Newbies
Forum rules
There are no such things as "stupid" questions. However if you think your question is a bit stupid, then this is the right place for you to post it. Please stick to easy to-the-point questions that you feel people can answer fast. For long and complicated questions prefer the other forums within the support section.
Before you post please read how to get help
Post Reply
Curious George
Level 1
Level 1
Posts: 20
Joined: Wed Nov 09, 2016 5:20 pm

can't boot, encrypted drive - how to recover data ?

Post by Curious George » Sat Feb 03, 2018 5:14 pm

This morning, one of my computers failed to boot, got the message

Code: Select all

Welcome to emergency mode!  After logging in, type "journalctl -xb" to view
system logs, "systemctl reboot" to reboot,"systemctl default" or ^D to
try again to boot into default mode.
Retried with various options, no luck. The computer is fairly old
(Dell OpiPlex GX620, c. 2012), and I was planning to replace it anyway.
But, it would be nice to recover the data. OS is Mint 18.3, installed in
early January. At that time I had, perhaps unfortunately, chosen to install
with data encryption.

I was able to boot with a Mint18.3 install USB, and was able to see the
drive partition on which the home directory was installed. However, the
drive was locked.

Trying

Code: Select all

mint@mint /media/mint $ ecryptfs-mount-private 
gave the error

Code: Select all

 ERROR: Encrypted private directory is not setup properly 
Any suggestions?

User avatar
catweazel
Level 12
Level 12
Posts: 4184
Joined: Fri Oct 12, 2012 9:44 pm
Location: Australian Antarctic Territory

Re: can't boot, encrypted drive - how to recover data ?

Post by catweazel » Sat Feb 03, 2018 5:25 pm

Try these suggestions.
There is no spoon.

Curious George
Level 1
Level 1
Posts: 20
Joined: Wed Nov 09, 2016 5:20 pm

Re: can't boot, encrypted drive - how to recover data ?

Post by Curious George » Thu Feb 08, 2018 6:10 pm

Thanks, catweazel, for the suggestion. The link you provided linked to another page, viz.
https://www.howtogeek.com/116297/how-to ... on-ubuntu/,
which does provide some useful information,though a bit out-of-date. Following those instructions, I had to replace

Code: Select all

GKSU nautilus
with

Code: Select all

GKSU nemo
and was able to access the encrypted directory, but running

Code: Select all

ecryptfs-mount-private
returned

Code: Select all

ERROR: Encrypted private directory is not setup properly.
Perhaps there is damage to the disk itself. Oh well, in my case it is only a few days worth of data.

User avatar
WharfRat
Level 20
Level 20
Posts: 10597
Joined: Thu Apr 07, 2011 8:15 pm

Re: can't boot, encrypted drive - how to recover data ?

Post by WharfRat » Thu Feb 08, 2018 6:35 pm

Is it full system encryption or just the home folder :?:

Paste back sudo blkid from the live session.
Image ImageImage

Curious George
Level 1
Level 1
Posts: 20
Joined: Wed Nov 09, 2016 5:20 pm

Re: can't boot, encrypted drive - how to recover data ?

Post by Curious George » Thu Feb 08, 2018 8:55 pm

Just the home directory is encrypted. It resides on a separate partition (/dev/sda2). Here's the output of blkid:

Code: Select all

mint@mint ~ $ sudo blkid
/dev/sda1: UUID="b6658d00-f09a-4279-a7cb-deec1677eb56" TYPE="ext4" PTTYPE="dos" PARTUUID="0003a6e3-01"
/dev/sda2: UUID="ecbc2386-3a38-4fa5-9abc-27ba9af87342" TYPE="ext4" PARTUUID="0003a6e3-02"
/dev/loop0: TYPE="squashfs"
/dev/sda3: UUID="29bc432b-8137-4250-9846-30918198c429" TYPE="swap" PARTUUID="0003a6e3-03"
/dev/sdb1: UUID="2017-11-24-13-25-42-00" LABEL="Linux Mint 18.3 Cinnamon 64-bit" TYPE="iso9660" PTUUID="7da654e6" PTTYPE="dos" PARTUUID="7da654e6-01"
/dev/sdb2: SEC_TYPE="msdos" UUID="C8A5-5244" TYPE="vfat" PARTUUID="7da654e6-02"

User avatar
WharfRat
Level 20
Level 20
Posts: 10597
Joined: Thu Apr 07, 2011 8:15 pm

Re: can't boot, encrypted drive - how to recover data ?

Post by WharfRat » Thu Feb 08, 2018 9:08 pm

Try following the instructions at viewtopic.php?t=134231#p720340

In your case you'll have to mount both the / and /home partitions so use

Code: Select all

sudo mount /dev/sdb1 /mnt
sudo mount /dev/sda2 /mnt/home
then follow the instructions under # Establish a proper chroot environment
Image ImageImage

Curious George
Level 1
Level 1
Posts: 20
Joined: Wed Nov 09, 2016 5:20 pm

Re: can't boot, encrypted drive - how to recover data ?

Post by Curious George » Mon Feb 19, 2018 5:08 pm

Thanks for the information. The following allowed me access to the encrypted directory for username "gheine":

Code: Select all

mint@mint ~ $ sudo mount -o bind /dev/shm /mnt/dev/shm/
mint@mint ~ $ sudo mount -o bind /proc /mnt/proc
mint@mint ~ $ sudo mount -o bind /sys /mnt/sys
mint@mint ~ $ sudo chroot /mnt
root@mint / #
root@mint / # su - gheine
Signature not found in user keyring
Perhaps try the interactive 'ecryptfs-mount-private'
gheine@mint ~ $ ecryptfs-add-passphrase --fnek
Passphrase:
Inserted auth tok with sig [dc8fca9f63094a8a] into the user session keyring
Inserted auth tok with sig [e2ce7c1effaecea9] into the user session keyring
gheine@mint ~ $ ecryptfs-mount-private
Enter your login passphrase:
Inserted auth tok with sig [ee1aab069e40f0d2] into the user session keyring
INFO: Your private directory has been mounted.
INFO: To see this change in your current shell:
  cd /home/gheine
However, I was unable to copy any of the data to the root filesystem (/dev/sda1):

Code: Select all

gheine@mint ~ $ sudo tar -cvf  /home_19feb2018.tar .
sudo: unable to resolve host mint: Connection refused
sudo: no tty present and no askpass program specified
and got the same errors when trying to copy to a mounted external drive.
I could try netcat or something similar to pass the data to another network host, but perhaps there is a simpler solution?

User avatar
WharfRat
Level 20
Level 20
Posts: 10597
Joined: Thu Apr 07, 2011 8:15 pm

Re: can't boot, encrypted drive - how to recover data ?

Post by WharfRat » Mon Feb 19, 2018 8:11 pm

Did you mount /dev :?:

I don't see that in your terminal paste :?

The first mount under # Establish a proper chroot environment is
sudo mount -o bind /dev /mnt/dev

You'll have to exit the chroot and start over.
Image ImageImage

Curious George
Level 1
Level 1
Posts: 20
Joined: Wed Nov 09, 2016 5:20 pm

Re: can't boot, encrypted drive - how to recover data ?

Post by Curious George » Wed Feb 21, 2018 12:54 pm

Did you mount /dev :?:
I don't see that in your terminal paste :?
Actually, my terminal paste accidentally omitted the first three commands, namely:

Code: Select all

sudo mount /dev/sda1 /mnt
sudo mount /dev/sda2 /mnt/home
sudo mount -o bind /dev /mnt/dev
Trying to copy to a mounted filesystem (with sudo) still gives

Code: Select all

sudo: unable to resolve host mint: Connection refused
sudo: no tty present and no askpass program specified
I accidentally booted without the install mediium, and surprisingly, it was successful. Logged in, copied the entire home directory, and, for now at least, the problem is solved. However I did find your notes and the link very helpful; I will research the commands and keep on file in case a similar problem occurs in the future.

Post Reply

Return to “Newbie Questions”