Re: How to avoid kern.log msg "Could not find key with description..."

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



On Fri, 14 Sep 2018, Larry Evans wrote:
> >   So, the ecryptfs mounts are working, but it's just these annoying messages
> > you inquire about, right?
> Yes.  But also, I can't login!  The problem is detailed here:


So, I got curious and installed Ubuntu 18.04.1 in a VM and selected to 
"Encrypt your home directory"[0] during the installation. And indeed, upon 
login the error messages you mentioned are printed to the kernel log, but 
in my case the login succeeds anyway:

==========================================================
$ ssh ubuntu0  -l dummy
dummy@ubuntu0's password: 
dummy@ubuntu0:~$ dmesg -t | tail -3
Could not find valid key in user session keyring for sig specified in mount option: [0ea32e1f93c8f774]
One or more global auth toks could not properly register; rc = [-2]
Error parsing options; rc = [-2]

dummy@ubuntu0:~$ df -h .
Filesystem            Size  Used Avail Use% Mounted on
/home/dummy/.Private  5.9G  1.4G  4.2G  26% /home/dummy
==========================================================


With no manual modifications done, this is how the PAM configuration looks 
like in a fresh installation:


==========================================================
dummy@ubuntu0:~$ grep -r ecrypt /etc/pam.d/
/etc/pam.d/common-session:session       optional  pam_ecryptfs.so unwrap
/etc/pam.d/common-auth:auth             optional  pam_ecryptfs.so unwrap
/etc/pam.d/common-password:password     optional  pam_ecryptfs.so 
/etc/pam.d/common-session-noninteractive:session  optional  pam_ecryptfs.so unwrap
==========================================================


So, while the Ubuntu upgrade process may have some flaws, the installer 
appears to work, although the messages are annoying and should be fixed, 
of course.

Christian.

[0] https://www.imgpaste.net/image/wstY7
-- 
BOFH excuse #226:

A star wars satellite accidently blew up the WAN.



[Index of Archives]     [Linux Crypto]     [Device Mapper Crypto]     [LARTC]     [Bugtraq]     [Yosemite Forum]

  Powered by Linux