Is it secure to store ecryptfs_sig?




I started using ecryptfs to provide a version-controlled file structure for a group of developers.
To access our secured data, every user has to mount the ecryptfs. Users who do this for the first time get the warning that the ecryptfs_sig was never stored before inside '~/.ecryptfs/sig-cache.txt'.

WARNING: Based on the contents of [/root/.ecryptfs/sig-cache.txt],
it looks like you have never mounted with this key
before. This could mean that you have typed your
passphrase wrong.
(ecryptfs-utils 2009-03-24)

To be sure that this message only appears if a wrong passphrase was entered, I thought about providing the correct ecryptfs_sig during the mount routine, but before I do this, I would like to know more about the ecryptfs_sig.

What is the purpose of ecryptfs_sig?
Is ecryptfs_sig just a hash of the passphrase, to make sure a new one is not taken by mistake?
Therefore, is it secure to publicly provide the ecryptfs_sig?

Until now, I could not find the source code part for ecryptfs_sig inside the kernel or userspace repository. I just found the following explanation inside the README of the userspace code, but this did not help me further
(What is FEKEK: FileEncryptionKeyEncryptionKey? ^^):

ecryptfs_sig=<hex signature>
        The signature for the FEKEK to use to encrypt the FEK for newly
        created files.  A key with description <sig> should be in the
        user's session keyring.  The mount helper, with its key modules,
        should make sure that the key gets placed there.

Thanks for any help : )

Best regards,

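Putting the README's terms into code makes the question concrete. The block below is an added example, not code from ecryptfs-utils or from the mail above. The derivation it implements is my reading of generate_passphrase_sig() in ecryptfs-utils' key_management.c, and every constant in it (an 8-byte salt, 65536 SHA-512 iterations, the default salt 0011223344556677, an 8-byte signature printed as 16 hex characters) is an assumption to confirm against the source; the sig-cache.txt layout (one signature per line) is likewise assumed. FEKEK is the file encryption key encryption key, the key derived from the passphrase that wraps each file's own FEK, and ecryptfs_sig is a short fingerprint of that key, which is why a signature missing from the cache usually means a different passphrase (or salt) was typed.

```python
"""ecryptfs passphrase signature, reconstructed, plus the sig-cache.txt check.

Added example, not code from ecryptfs-utils.  The derivation is my reading of
generate_passphrase_sig() in ecryptfs-utils' key_management.c; the constants
are assumptions, check them against the source before relying on them:

  1. buf   = SHA-512(salt || passphrase)
  2. buf   = SHA-512(buf), repeated until ITERATIONS hashes have been done
  3. FEKEK = buf                      # file encryption key encryption key
  4. sig   = hex(SHA-512(FEKEK)[:8])  # 16 hex characters, the ecryptfs_sig
"""
import hashlib

SALT_SIZE = 8                                     # assumed: ECRYPTFS_SALT_SIZE
SIG_BYTES = 8                                     # assumed: ECRYPTFS_SIG_SIZE
ITERATIONS = 65536                                # assumed: ECRYPTFS_DEFAULT_NUM_HASH_ITERATIONS
DEFAULT_SALT = bytes.fromhex("0011223344556677")  # assumed: ECRYPTFS_DEFAULT_SALT_HEX


def derive_fekek(passphrase: str, salt: bytes = DEFAULT_SALT) -> bytes:
    """Stretch salt||passphrase into the 64-byte FEKEK with iterated SHA-512."""
    if len(salt) != SALT_SIZE:
        raise ValueError(f"salt must be exactly {SALT_SIZE} bytes")
    buf = hashlib.sha512(salt + passphrase.encode("utf-8")).digest()
    for _ in range(ITERATIONS - 1):
        buf = hashlib.sha512(buf).digest()
    return buf


def passphrase_sig(passphrase: str, salt: bytes = DEFAULT_SALT) -> str:
    """The ecryptfs_sig: first SIG_BYTES of SHA-512(FEKEK), hex-encoded."""
    fekek = derive_fekek(passphrase, salt)
    return hashlib.sha512(fekek).digest()[:SIG_BYTES].hex()


def parse_sig_cache(text: str) -> set:
    """sig-cache.txt holds one hex signature per line (assumed layout)."""
    sigs = set()
    for line in text.splitlines():
        line = line.strip().lower()
        if line:
            sigs.add(line)
    return sigs


def seen_before(sig: str, cache_text: str) -> bool:
    """True when the mount helper would stay silent, False when it would print
    the 'never mounted with this key before' warning."""
    return sig.lower() in parse_sig_cache(cache_text)


def record_sig(sig: str, cache_text: str) -> str:
    """Return the cache text with the signature appended, unless already present."""
    if seen_before(sig, cache_text):
        return cache_text
    separator = "" if (not cache_text or cache_text.endswith("\n")) else "\n"
    return cache_text + separator + sig.lower() + "\n"


if __name__ == "__main__":
    # Constructed scenario: the shared tree was set up with one passphrase; a
    # new developer types it correctly once, then mistypes it.
    team_passphrase = "example-team-passphrase"               # constructed
    cache = record_sig(passphrase_sig(team_passphrase), "")   # first mount
    print("cached sig:", cache.strip())
    print("correct passphrase known? ", seen_before(passphrase_sig(team_passphrase), cache))
    print("mistyped passphrase known?", seen_before(passphrase_sig("example-team-passphras"), cache))
```

What this says about the original question: the signature contains no key material, but it is a deterministic function of salt and passphrase, so whoever holds it can verify passphrase guesses against it offline without ever mounting the tree; treat it like any other password-derived hash rather than as public data. Note also that two users who share a passphrase under the default salt produce the same signature, so the cache check distinguishes keys, not people.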