Is default home directory encryption with automount secure enough?

The name of the pictureThe name of the pictureThe name of the pictureClash Royale CLAN TAG#URR8PPP








up vote
1
down vote

favorite












Default Ubuntu desktop installation offers an option to encrypt my /homeusing ecryptfs, and it auto-mounts the home every time I log in.



If my PC had stolen, couldn't the attacker have just substituted my /etc/shadow file and login as me, gaining access to my files? If yes, what is a use case for this encryption then?






security ecryptfs







share|improve this question

















  • 1




    "If yes," No. But not encrypting / means they could add something to / to mail keyboard input (incl. your password) when you decrypt or decrypted your partition and access your data at a later time.
    – Rinzwind
    Feb 20 at 14:41














up vote
1
down vote

favorite












Default Ubuntu desktop installation offers an option to encrypt my /homeusing ecryptfs, and it auto-mounts the home every time I log in.



If my PC had stolen, couldn't the attacker have just substituted my /etc/shadow file and login as me, gaining access to my files? If yes, what is a use case for this encryption then?






security ecryptfs







share|improve this question

















  • 1




    "If yes," No. But not encrypting / means they could add something to / to mail keyboard input (incl. your password) when you decrypt or decrypted your partition and access your data at a later time.
    – Rinzwind
    Feb 20 at 14:41












up vote
1
down vote

favorite









up vote
1
down vote

favorite











Default Ubuntu desktop installation offers an option to encrypt my /homeusing ecryptfs, and it auto-mounts the home every time I log in.



If my PC had stolen, couldn't the attacker have just substituted my /etc/shadow file and login as me, gaining access to my files? If yes, what is a use case for this encryption then?






security ecryptfs







share|improve this question













Default Ubuntu desktop installation offers an option to encrypt my /homeusing ecryptfs, and it auto-mounts the home every time I log in.



If my PC had stolen, couldn't the attacker have just substituted my /etc/shadow file and login as me, gaining access to my files? If yes, what is a use case for this encryption then?






security ecryptfs




security ecryptfs






share|improve this question













share|improve this question











share|improve this question




share|improve this question










asked Feb 20 at 13:07









Andriy Maletsky

1063




1063







  • 1




    "If yes," No. But not encrypting / means they could add something to / to mail keyboard input (incl. your password) when you decrypt or decrypted your partition and access your data at a later time.
    – Rinzwind
    Feb 20 at 14:41












  • 1




    "If yes," No. But not encrypting / means they could add something to / to mail keyboard input (incl. your password) when you decrypt or decrypted your partition and access your data at a later time.
    – Rinzwind
    Feb 20 at 14:41







1




1




"If yes," No. But not encrypting / means they could add something to / to mail keyboard input (incl. your password) when you decrypt or decrypted your partition and access your data at a later time.
– Rinzwind
Feb 20 at 14:41




"If yes," No. But not encrypting / means they could add something to / to mail keyboard input (incl. your password) when you decrypt or decrypted your partition and access your data at a later time.
– Rinzwind
Feb 20 at 14:41










1 Answer
1






active

oldest

votes

















up vote
1
down vote













You must provide your password during login to decrypt the home folder.



The password is not stored by Ubuntu in /etc/shadow. What you find there is only a hash of the password plus a short salt. When you log in, the password you entered gets hashed and then the hashes are compared.



It is not possible to retrieve the original password from that hash, except through trying all possible combinations until one matches.



So as long as you keep your password private and it is secure (long and complex) enough to withstand a brute-force (or dictionary) attack longer than the attention span of the attacker lasts, your encrypted home directory is safe.



To ecryptfs, it does not matter what hash is in the shadow file. It takes the password entered by the user at login and tries to decrypt the home folder with that. If it is the correct password, the decryption succeeds, if not, it will fail. By modifying the shadow file (or simply booting into a rescue mode root shell and resetting the account password), only the login password changes.



Encryption doesn't work by comparing hashes and deciding to let someone in or not, it works by doing lots and lots of maths using the password and the encrypted data on disk to get back the original data.






share|improve this answer






















  • I meant, attacker can take random string, hash it, and put the result in shadow instead of my hash. So then, ecryptfs uses my user password as key to my files, right?
    – Andriy Maletsky
    Feb 20 at 13:23











  • To ecryptfs, it does not matter what hash is in the shadow file. It takes the password entered by the user at login and tries to decrypt the home folder with that. If it is the correct password, the decryption succeeds, if not, it will fail. By modifying the shadow file (or simply booting into a rescue mode root shell and resetting the account password), only the login password changes. Encryption doesn't work by comparing hashes and deciding to let someone in or not, it works by doing lots and lots of maths using the password and the encrypted data on disk to get back the original data.
    – Byte Commander
    Feb 20 at 13:28










Your Answer







StackExchange.ready(function()
var channelOptions =
tags: "".split(" "),
id: "89"
;
initTagRenderer("".split(" "), "".split(" "), channelOptions);

StackExchange.using("externalEditor", function()
// Have to fire editor after snippets, if snippets enabled
if (StackExchange.settings.snippets.snippetsEnabled)
StackExchange.using("snippets", function()
createEditor();
);

else
createEditor();

);

function createEditor()
StackExchange.prepareEditor(
heartbeatType: 'answer',
convertImagesToLinks: true,
noModals: false,
showLowRepImageUploadWarning: true,
reputationToPostImages: 10,
bindNavPrevention: true,
postfix: "",
onDemand: true,
discardSelector: ".discard-answer"
,immediatelyShowMarkdownHelp:true
);



);













 

draft saved


draft discarded


















StackExchange.ready(
function ()
StackExchange.openid.initPostLogin('.new-post-login', 'https%3a%2f%2faskubuntu.com%2fquestions%2f1008030%2fis-default-home-directory-encryption-with-automount-secure-enough%23new-answer', 'question_page');

);

Post as a guest

















1 Answer
1






active

oldest

votes








1 Answer
1






active

oldest

votes









active

oldest

votes






active

oldest

votes








up vote
1
down vote













You must provide your password during login to decrypt the home folder.



The password is not stored by Ubuntu in /etc/shadow. What you find there is only a hash of the password plus a short salt. When you log in, the password you entered gets hashed and then the hashes are compared.



It is not possible to retrieve the original password from that hash, except through trying all possible combinations until one matches.



So as long as you keep your password private and it is secure (long and complex) enough to withstand a brute-force (or dictionary) attack longer than the attention span of the attacker lasts, your encrypted home directory is safe.



To ecryptfs, it does not matter what hash is in the shadow file. It takes the password entered by the user at login and tries to decrypt the home folder with that. If it is the correct password, the decryption succeeds, if not, it will fail. By modifying the shadow file (or simply booting into a rescue mode root shell and resetting the account password), only the login password changes.



Encryption doesn't work by comparing hashes and deciding to let someone in or not, it works by doing lots and lots of maths using the password and the encrypted data on disk to get back the original data.






share|improve this answer






















  • I meant, attacker can take random string, hash it, and put the result in shadow instead of my hash. So then, ecryptfs uses my user password as key to my files, right?
    – Andriy Maletsky
    Feb 20 at 13:23











  • To ecryptfs, it does not matter what hash is in the shadow file. It takes the password entered by the user at login and tries to decrypt the home folder with that. If it is the correct password, the decryption succeeds, if not, it will fail. By modifying the shadow file (or simply booting into a rescue mode root shell and resetting the account password), only the login password changes. Encryption doesn't work by comparing hashes and deciding to let someone in or not, it works by doing lots and lots of maths using the password and the encrypted data on disk to get back the original data.
    – Byte Commander
    Feb 20 at 13:28














up vote
1
down vote













You must provide your password during login to decrypt the home folder.



The password is not stored by Ubuntu in /etc/shadow. What you find there is only a hash of the password plus a short salt. When you log in, the password you entered gets hashed and then the hashes are compared.



It is not possible to retrieve the original password from that hash, except through trying all possible combinations until one matches.



So as long as you keep your password private and it is secure (long and complex) enough to withstand a brute-force (or dictionary) attack longer than the attention span of the attacker lasts, your encrypted home directory is safe.



To ecryptfs, it does not matter what hash is in the shadow file. It takes the password entered by the user at login and tries to decrypt the home folder with that. If it is the correct password, the decryption succeeds, if not, it will fail. By modifying the shadow file (or simply booting into a rescue mode root shell and resetting the account password), only the login password changes.



Encryption doesn't work by comparing hashes and deciding to let someone in or not, it works by doing lots and lots of maths using the password and the encrypted data on disk to get back the original data.






share|improve this answer






















  • I meant, attacker can take random string, hash it, and put the result in shadow instead of my hash. So then, ecryptfs uses my user password as key to my files, right?
    – Andriy Maletsky
    Feb 20 at 13:23











  • To ecryptfs, it does not matter what hash is in the shadow file. It takes the password entered by the user at login and tries to decrypt the home folder with that. If it is the correct password, the decryption succeeds, if not, it will fail. By modifying the shadow file (or simply booting into a rescue mode root shell and resetting the account password), only the login password changes. Encryption doesn't work by comparing hashes and deciding to let someone in or not, it works by doing lots and lots of maths using the password and the encrypted data on disk to get back the original data.
    – Byte Commander
    Feb 20 at 13:28












up vote
1
down vote










up vote
1
down vote









You must provide your password during login to decrypt the home folder.



The password is not stored by Ubuntu in /etc/shadow. What you find there is only a hash of the password plus a short salt. When you log in, the password you entered gets hashed and then the hashes are compared.



It is not possible to retrieve the original password from that hash, except through trying all possible combinations until one matches.



So as long as you keep your password private and it is secure (long and complex) enough to withstand a brute-force (or dictionary) attack longer than the attention span of the attacker lasts, your encrypted home directory is safe.



To ecryptfs, it does not matter what hash is in the shadow file. It takes the password entered by the user at login and tries to decrypt the home folder with that. If it is the correct password, the decryption succeeds, if not, it will fail. By modifying the shadow file (or simply booting into a rescue mode root shell and resetting the account password), only the login password changes.



Encryption doesn't work by comparing hashes and deciding to let someone in or not, it works by doing lots and lots of maths using the password and the encrypted data on disk to get back the original data.






share|improve this answer














You must provide your password during login to decrypt the home folder.



The password is not stored by Ubuntu in /etc/shadow. What you find there is only a hash of the password plus a short salt. When you log in, the password you entered gets hashed and then the hashes are compared.



It is not possible to retrieve the original password from that hash, except through trying all possible combinations until one matches.



So as long as you keep your password private and it is secure (long and complex) enough to withstand a brute-force (or dictionary) attack longer than the attention span of the attacker lasts, your encrypted home directory is safe.



To ecryptfs, it does not matter what hash is in the shadow file. It takes the password entered by the user at login and tries to decrypt the home folder with that. If it is the correct password, the decryption succeeds, if not, it will fail. By modifying the shadow file (or simply booting into a rescue mode root shell and resetting the account password), only the login password changes.



Encryption doesn't work by comparing hashes and deciding to let someone in or not, it works by doing lots and lots of maths using the password and the encrypted data on disk to get back the original data.







share|improve this answer














share|improve this answer



share|improve this answer








edited Feb 20 at 13:28

























answered Feb 20 at 13:20









Byte Commander

59.7k26159268




59.7k26159268











  • I meant, attacker can take random string, hash it, and put the result in shadow instead of my hash. So then, ecryptfs uses my user password as key to my files, right?
    – Andriy Maletsky
    Feb 20 at 13:23











  • To ecryptfs, it does not matter what hash is in the shadow file. It takes the password entered by the user at login and tries to decrypt the home folder with that. If it is the correct password, the decryption succeeds, if not, it will fail. By modifying the shadow file (or simply booting into a rescue mode root shell and resetting the account password), only the login password changes. Encryption doesn't work by comparing hashes and deciding to let someone in or not, it works by doing lots and lots of maths using the password and the encrypted data on disk to get back the original data.
    – Byte Commander
    Feb 20 at 13:28
















  • I meant, attacker can take random string, hash it, and put the result in shadow instead of my hash. So then, ecryptfs uses my user password as key to my files, right?
    – Andriy Maletsky
    Feb 20 at 13:23











  • To ecryptfs, it does not matter what hash is in the shadow file. It takes the password entered by the user at login and tries to decrypt the home folder with that. If it is the correct password, the decryption succeeds, if not, it will fail. By modifying the shadow file (or simply booting into a rescue mode root shell and resetting the account password), only the login password changes. Encryption doesn't work by comparing hashes and deciding to let someone in or not, it works by doing lots and lots of maths using the password and the encrypted data on disk to get back the original data.
    – Byte Commander
    Feb 20 at 13:28















I meant, attacker can take random string, hash it, and put the result in shadow instead of my hash. So then, ecryptfs uses my user password as key to my files, right?
– Andriy Maletsky
Feb 20 at 13:23





I meant, attacker can take random string, hash it, and put the result in shadow instead of my hash. So then, ecryptfs uses my user password as key to my files, right?
– Andriy Maletsky
Feb 20 at 13:23













To ecryptfs, it does not matter what hash is in the shadow file. It takes the password entered by the user at login and tries to decrypt the home folder with that. If it is the correct password, the decryption succeeds, if not, it will fail. By modifying the shadow file (or simply booting into a rescue mode root shell and resetting the account password), only the login password changes. Encryption doesn't work by comparing hashes and deciding to let someone in or not, it works by doing lots and lots of maths using the password and the encrypted data on disk to get back the original data.
– Byte Commander
Feb 20 at 13:28




To ecryptfs, it does not matter what hash is in the shadow file. It takes the password entered by the user at login and tries to decrypt the home folder with that. If it is the correct password, the decryption succeeds, if not, it will fail. By modifying the shadow file (or simply booting into a rescue mode root shell and resetting the account password), only the login password changes. Encryption doesn't work by comparing hashes and deciding to let someone in or not, it works by doing lots and lots of maths using the password and the encrypted data on disk to get back the original data.
– Byte Commander
Feb 20 at 13:28

















 

draft saved


draft discarded















































 


draft saved


draft discarded














StackExchange.ready(
function ()
StackExchange.openid.initPostLogin('.new-post-login', 'https%3a%2f%2faskubuntu.com%2fquestions%2f1008030%2fis-default-home-directory-encryption-with-automount-secure-enough%23new-answer', 'question_page');

);

Post as a guest
































































-

Popular posts from this blog

pylint3 and pip3 broken

Image
Clash Royale CLAN TAG #URR8PPP up vote 0 down vote favorite I have tried sudo apt remove --purge on various packages. I get the same when I reinstall. I have also tried reinstall using aptitude. This does not work. My current workaround is to run pylint3 as root, which works, but is bad practice. pip3 $ pip3 Traceback (most recent call last): File "/usr/lib/python3/dist-packages/pip/_vendor/__init__.py", line 33, in vendored __import__(vendored_name, globals(), locals(), level=0) ImportError: No module named 'pip._vendor.pkg_resources' During handling of the above exception, another exception occurred: Traceback (most recent call last): File "/usr/bin/pip3", line 9, in <module> from pip import main File "/usr/lib/python3/dist-packages/pip/__init__.py", line 13, in <module> from pip.exceptions import InstallationError, CommandError, PipError File "/usr/lib/python3/dist-packages/pip/exceptions.py", line 6, ...
Read more

Missing snmpget and snmpwalk

Image
Clash Royale CLAN TAG #URR8PPP up vote 0 down vote favorite I have installed Zabbix appliance, directly preinstalled and found that there is missing snmpwalk and snmpget commands. I tried to install it with: apt-get install net-snmp-utils but I have error message: Unable to locate package. I have also check what from SNMP is preinstalled and there is: libsnmp-base libsnmp30:amd64 snmp-mibs-downloader snmpd snmptrapd snmptrapfmt How can I install snmpget and snmpwalk ? snmp zabbix share | improve this question edited Jan 29 at 10:10 Yaron 8,552 7 18 38 asked Jan 29 at 9:51 Alfista 1 apt install snmp perhaps ? If named differently - apt cache snmp – fugitive Jan 29 at 10:00 add a comment  |  up vote 0 down vote favorite I have installed Zabbix appliance, directly preinstalled and found that there is missing snmpwalk and snmpget commands. I tried...
Read more

How to enroll fingerprints to Ubuntu 17.10 with VFS491

Image
Clash Royale CLAN TAG #URR8PPP up vote 1 down vote favorite I decided to switch from Windows to Ubuntu 17.10, I meet it like 8 years ago and I didn't decided to switch until now (haha). Well, my actual device is an HP Probook 4540s with a Validity fingerprint sensor (VFS491). The fingerprint sensor worked fine on Windows but I can't get it to work in Ubuntu. The device is recognized as 138a:003d but is not detected as a fingerprint scanner by some apps like Fingerprint GUI. I want to use the fingerprint scanner to log in into my user account in Ubuntu but it doesn't supports fingerprints without special software and the drivers of the fingerprint scanner are available for Windows but not for any Linux distribution. I found something on GitHub (https://github.com/eekpie/libfprint) about the integration of the VFS491 in libfprint and I think it can help but I don't know what to do with it, so that's why I need the help of the community to do it since I am...
Read more