I have an eCryptfs filesystem I use to protect my sensitive data at rest, in addition to full disk encryption via LUKS. It’s mounted only for a handful of hours a year. The encrypted files are then backed up seamlessly using traditional cloud backup services.
My setup works great and I feel confident that it’s “good enough” for my needs: protecting sensitive files from malware on my computer.
It’s easy to use with the
Security Issue with CVE-2014-9687
The salt wasn’t randomly generated, which allowed rainbow table attacks. The time has apparently come: the rainbow table has been generated and published. It’s hosted on GitHub at kudelskisecurity/ecryptfs-dictionary-v1 with a corresponding write-up.
Time to rewrap my passphrase with a randomly generated salt to render the rainbow table useless.
It appears that eCryptfs had some primitive support for a manually generated salt via the ~/.ecryptfsrc file, but it wasn’t set up automatically and was likely largely unused. A better approach is to always use a randomly generated salt, and this was introduced with the v2 passphrase file that resolves CVE-2014-9687. Details on this change are in revision 839.
How Do I Rewrap My Passphrase?
Step 1 - Check File Version
Determine whether your wrapped passphrase file is version 1 or version 2. According to read_wrapped_passphrase_file_version(), a version 2 file begins with an ASCII ':' followed by the byte 0x2, while an unversioned (v1) file starts directly with ASCII hex data. Anything larger than v2 is currently unsupported.
Use xxd or hexdump to check. My original v1 passphrase file, for reference:
$ xxd -l 2 ~/.ecryptfs/wrapped-passphrase
00000000: 3065 0e
Looks like version 1 to me. The file size was 48 bytes.
Step 2 - Backup
Copy the file to be safe in case the rewrap goes bad:
$ cp ~/.ecryptfs/wrapped-passphrase ~/.ecryptfs/wrapped-passphrase.bak
Step 3 - Rewrap
$ ecryptfs-rewrap-passphrase ~/.ecryptfs/wrapped-passphrase
Old wrapping passphrase:
New wrapping passphrase:
New wrapping passphrase (again):
Step 4 - Check
If everything went according to plan, the file should now begin with ASCII ':' followed by 0x2:
$ xxd -l 2 ~/.ecryptfs/wrapped-passphrase
00000000: 3a02 :.
Looks good, file size is now 58 bytes.
For the truly paranoid: running the rewrap again with the same passphrase will produce a file with different contents, since a fresh random salt is generated each time.
Step 5 - Test
Mount the filesystem with ecryptfs-mount-private or similar to verify.
Step 6 - Clean-up
Only clean up once you know the new passphrase is working! And be thorough about it:
$ shred -vu ~/.ecryptfs/wrapped-passphrase.bak
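As an added example (my own, not from the post or from ecryptfs-utils), here is a POSIX shell check that applies the byte signature from Step 1 to classify a wrapped-passphrase file and flags a v1 (fixed-salt) file as still needing the rewrap. The sample files it builds are constructed with the sizes seen above and contain no real key material.

```shell
#!/bin/sh
# Classify an eCryptfs wrapped-passphrase file by its first two bytes:
#   v2 (random salt, CVE-2014-9687 resolved): ':' then 0x02
#   v1 (fixed salt, rewrap still needed):    ASCII hex from byte 0
# Added example, not part of ecryptfs-utils.

# True when a byte, given as two hex digits, is an ASCII hex digit
# ('0'-'9' = 0x30-0x39, 'A'-'F' = 0x41-0x46, 'a'-'f' = 0x61-0x66).
is_hex_ascii_byte() {
    case "$1" in
        3[0-9]|4[1-6]|6[1-6]) return 0 ;;
        *) return 1 ;;
    esac
}

# Prints 2, 1, unsupported (':' with a version byte other than 0x02),
# unknown (neither layout) or unreadable (also returns 1 for unreadable).
wrapped_passphrase_version() {
    f="$1"
    [ -r "$f" ] || { echo unreadable; return 1; }
    magic=$(od -An -tx1 -N2 "$f" | tr -d ' \n')   # e.g. "3a02" (v2) or "3065" (v1)
    b0=${magic%??}; b1=${magic#??}
    if [ "$b0" = 3a ]; then
        [ "$b1" = 02 ] && echo 2 || echo unsupported
    elif is_hex_ascii_byte "$b0" && is_hex_ascii_byte "$b1"; then
        echo 1
    else
        echo unknown
    fi
}

# One-line report: version, size, and whether a rewrap is still needed.
report_wrapped_passphrase() {
    v=$(wrapped_passphrase_version "$1") || { echo "$1: $v"; return 1; }
    size=$(wc -c < "$1" | tr -d ' ')
    case "$v" in
        1) echo "$1: v1, $size bytes, fixed salt - run ecryptfs-rewrap-passphrase" ;;
        2) echo "$1: v2, $size bytes, random salt - OK" ;;
        *) echo "$1: $v layout, $size bytes - inspect by hand" ;;
    esac
}

# Constructed samples (no real key material), mirroring the sizes in the post.
demo_dir=$(mktemp -d)
printf '0e5a1f7b9c3d2e4f0e5a1f7b9c3d2e4f0e5a1f7b9c3d2e4f' > "$demo_dir/v1"  # 48 bytes, hex ASCII
printf ':\002%056d' 0 > "$demo_dir/v2"                                      # 58 bytes, ':' 0x02 ...
printf ':\003%056d' 0 > "$demo_dir/v3"                                      # ':' 0x03, unsupported

for s in v1 v2 v3; do report_wrapped_passphrase "$demo_dir/$s"; done
# Real use: report_wrapped_passphrase ~/.ecryptfs/wrapped-passphrase
```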