8

I am unable to access my Ubuntu 16.04 files from my Windows 10 OS, because I had enabled encryption during installation. Is there a way I can decrypt and use my files from Windows? Else, my plan is to reinstall Ubuntu from a LiveUSB.

Before doing so, I plan to remove my Lenovo (D:) partition (since I have separate recovery media and don't plan to use Lenovo OneKey Recovery) which is about 20 Gb. I want to dedicate this space for the root partition, and reallocate the current root partition space to creating a separate home partition. Finally, I plan to increase my Linux swap space form 6 Gb to 18 Gb.

I plan to back up my files before doing all this of course (creating disk images, etc.). Could doing all this affect my files, installed packages, and 3rd party software?

halcyon
  • 133
  • 2
    When you say you "enabled encryption" do you mean that you used LUKS to encrypt the entire system or that you opted to encrypt only your home directory? Either way, I don't know that there's much you can do to get access from Windows, but it helps to have the details straight just in case. – b_laoshi Mar 27 '17 at 05:28
  • @b_laoshi, I think it's the entire system. Is there a way I can check? (that might be a really simple question, I'm new to Ubuntu/Linux) – halcyon Mar 27 '17 at 16:08
  • You can check for eCryptFS with awk '$3 == "ecryptfs"' /proc/mounts and for LUKS/dm-crypt with a look into /etc/crypttab (as super-user). Those are the options for the encryption set up during Ubuntu installation. – David Foerster Mar 28 '17 at 08:37
  • 1
    @halcyon, David Foerster is right. Open a terminal (Ctrl+Alt+T) and run awk '$3 == "ecryptfs"' /proc/mounts. Then run sudo cat /etc/crypttab. If the first command returns something, then you encrypted your home partition. If the second command returns something other than file not found, then you encrypted your whole system. – b_laoshi Mar 30 '17 at 02:59
  • Both commands return something. Would it be helpful if I posted the output here or does that have personal information? @b_laoshi – halcyon Mar 31 '17 at 07:44
  • Sounds like you opted to encrypt both the entire system and your home dir. See my answer below. It's not going to be a fun process. It might be easier to trash your current Ubuntu install, resize your partitions so Windows takes up the whole disk, and (specs permitting) run Ubuntu from a virtual machine in Windows. Then you could just share folders between the guest and host to access files. You can post the output of those commands if you like, but I'm guessing it looks something like: CRYPTDISK UUID=YOUR-PARTITION-UUID none luks and PATH-TO-ENCRYPTED-HOME /home ecryptfs MOUNT-OPTIONS – b_laoshi Mar 31 '17 at 08:51
  • 1
    @b_laoshi, this is what I get: From awk '$3 == "ecryptfs"' /proc/mounts /home/halcyon/.Private /home/halcyon ecryptfs rw,nosuid,nodev,relatime,ecryptfs_fnek_sig=8e8dd57cb6f2732f,ecryptfs_sig=59806262b6b3090c,ecryptfs_cipher=aes,ecryptfs_key_bytes=16,ecryptfs_unlink_sigs 0 0 – halcyon Mar 31 '17 at 09:19
  • @b_laoshi and the other command sudo cat /etc/crypttab.......

    #cryptswap1 UUID=530c176d-f4d9-4d88-a84c-3c35805b7902 /dev/urandom swap,cipher=aes-cbc-essiv:sha256

     – halcyon Mar 31 '17 at 09:24
  • I actually do most of my work on the Ubuntu side and rarely use Windows, but sometimes I need Microsoft Office, etc. Would it be a practical approach if I followed part of your answer below to (1) remove home directory encryption, then (2) use LibreCrypt to access files from Windows 10? – halcyon Mar 31 '17 at 09:37
  • If that's all that was in /etc/crypttab, then only your swap partition is encrypted which doesn't matter. Ignore the "Disk encryption with LUKS" section below. Backup everything first, and then try decrypting your home dir per my directions. If that works, give the Ext2read a go and see if it works for you. I've never actually used it, but I wouldn't be surprised if it only provides read-only access. – b_laoshi Apr 01 '17 at 06:32
  • @b_laoshi, do you know anything more certain that would also provide write access?

    As an aside, I'm going out of town soon so won't have time (before the bounty expires) to work on the decryption then using Ext2read. Hopefully your advice works! Regardless, you've been super helpful. I'll mark yours as best answer so you get the bounty.

     – halcyon Apr 02 '17 at 08:28
  • 1
    This is might what you have been looking for: http://askubuntu.com/a/4960/671810 – Mads03dk Apr 02 '17 at 18:03
  • Could you please [edit] your post, when you want to add information? Especially file or program output listings (with the help of the {} button in the editor toolbar) will be much more readable there; alternatively you can use a pastie service for longer listings and include the link of your pastie in your question. Overall it’s best to have everything relevant in one place. Additionally, comments may be deleted for various reasons. Thanks. – David Foerster Apr 02 '17 at 18:49
  • Possible duplicate How to stop using built-in home directory encryption? – David Foerster Apr 02 '17 at 18:56
  • 1
    @halcyon, I haven't actually played with it in a really long time. I honestly don't know what current options look like for write access from Windows. Check out this page. It looks promising, but it doesn't have a date on it. – b_laoshi Apr 04 '17 at 11:48

3 Answers3

4

Since there are two methods that you could have used (independently or in combination) to perform encryption, I'll touch on both separately. And then I'll address access from Windows.

You could have encrypted your entire disk with LUKS like this during install![sys-enc.png

Or you could have encrypted your home directory with ecryptfs like this during installhome-enc.png

Disk encryption with LUKS

If you encrypted your entire disk with LUKS, you may want to look into a program for Windows called LibreCrypt. I have used it with success in the past to access LUKS encrypted partitions from Windows 7.

Home directory encryption with ecryptfs

If you encrypted your home directory, there is currently no way to get at this from Windows. However, it is possible to remove the home directory encryption so long as you have enough disk space to make a duplicate of your home directory.

Accessing the Linux ext2/ext3/ext4 filesystems from Windows

Now, in theory, all you should need to do is mount your Linux file systems in Windows. I've not tried it, but supposedly, Ext2Read should enable you to mount ext2/ext3/ext4 filesystems in Windows. Furthermore, it is said to support LVM2 which will be important if you chose to use LVM when you installed.

b_laoshi
  • 4,660
  • 4
  • 25
  • 46
-2

I'm sorry if I skimp on the details here - I lost my original response after registering for the site.

It is possible. You'll need Ext2Fsd 0.68 (not the latest version 0.69 which does not work with Windows 10 - download here https://sourceforge.net/projects/ext2fsd/files/Ext2fsd/0.68/), Macrium Reflect, Macrium viBoot, and Oracle VM Virtual Box. Make sure to reboot if you've just installed these.

You can run your Ubuntu partition as a virtual machine by accessing the Macrium image through Macrium viBoot. Make sure to have everything configured so that you can move the files you need elsewhere (i.e. USB access, copy/paste, read/write, network, etc. See here https://www.makeuseof.com/tag/transfer-files-virtual-machine-guest-host-pc/). Beware it will be very slow.

Newman
  • 1
-2

The home folder encrypted in Ubuntu cannot be decrypted from W's.

Copy the files from a Ubuntu Live session to an external drive and access the files from it using W's or to the W's partition.

You will need ecryptfs-utils and this answer Access Encrypted Home Folder

Community
  • 1
userDepth
  • 2,010