Hey,
I started using ecryptfs to provide a version controlled file structure for a group of developers.
To access our secured data, every user have to mount the ecrypfs. User who do this the first time, will get the warning, that the ecryptfs_sig was never stored before inside '~/.ecryptfs/sig-cache.txt'.
WARNING: Based on the contents of [/root/.ecryptfs/sig-cache.txt],
it looks like you have never mounted with this key
before. This could mean that you have typed your
passphrase wrong.
(ecryptfs-utils 2009-03-24)
To be sure, that this message will only appear, if a wrong passphrase was entered, I thought about to provide the correct ecryptfs_sig during the mount routine, but before I will do this, I would like to know more about the ecryptfs_sig.
What is the purpose of ecryptfs_sig?
Is ecryptfs_sig just a hash of the passphrase to be sure not to take a new one?
Therefore is it secure to public provide the ecryptfs_sig?
Until now, I could not find the source code part of ecryptfs_sig inside the kernel or userspace repository. I just found the following explanation inside the README of the userspace code, but this did not helped me further
(What is FEKEK: FileEncryptionKeyEncryptionKey? ^^):
ecryptfs_sig=<hex signature>
The signature for the FEKEK to use to encrypt the FEK for newly
created files. A key with description <sig> should be in the
user's session keyring. The mount helper, with its key modules,
should make sure that the key gets placed there.
Thanks for any help : )
Best regards,
javud
