SUMMARY When opening the Vault, all files saved there were lost. (CryFS) STEPS TO REPRODUCE 1.The day before I did the security updates when starting the system. 2. opened the vault, deleted some files checked others. closed the vault. 3. the next day I started the computer, and opened the vault and all files were lost. OBSERVED RESULT ALL DATA HAS BEEN LOST. SOFTWARE/OS VERSIONS Linux/KDE Plasma: Kubuntu KDE Plasma Version: 5.27.4 KDE Frameworks Version: 5.104.0 Qt Version: 5.15.8 ADDITIONAL INFORMATION: I didn't do anything different on the day, same as usual, just installed security updates. apparently i gained space on my disk(ssd), however i can't assert.
Vault doesn't handle the data, the only way for the data to disappear is if they were deleted or there was a filesystem corruption. I'd try to mount the cryfs manually - see the relevant paths in the .config/plasmavaultrc The location of the encrypted data is the path in square brackets. For example, [/home/user/.vaults/SomeVaultName.enc]. First, backup that directory somewhere just in case. After that, do this: mkdir /tmp/SomeVaultName cryfs /home/user/.vaults/SomeVaultName.enc /tmp/SomeVaultName If you get an error saying something about the filesystem needs to be upgraded, call cryfs --allow-filesystem-upgrade /home/user/.vaults/SomeVaultName.enc /tmp/ SomeVaultName If that doesn't help (it should mount the data into /tmp/SomeVaultName) post me the error message you got.
(In reply to Ivan Čukić from comment #1) > Vault doesn't handle the data, the only way for the data to disappear is if > they were deleted or there was a filesystem corruption. > > I'd try to mount the cryfs manually - see the relevant paths in the > .config/plasmavaultrc > > The location of the encrypted data is the path in square brackets. For > example, [/home/user/.vaults/SomeVaultName.enc]. > > First, backup that directory somewhere just in case. > > After that, do this: > > mkdir /tmp/SomeVaultName > cryfs /home/user/.vaults/SomeVaultName.enc /tmp/SomeVaultName > > If you get an error saying something about the filesystem needs to be > upgraded, > call > > cryfs --allow-filesystem-upgrade /home/user/.vaults/SomeVaultName.enc /tmp/ > SomeVaultName > > If that doesn't help (it should mount the data into /tmp/SomeVaultName) post > me the error message you got. Hi, Thanks for your answer. Worked to open but the folder is empty. I just remembered when I did the apt upgrade, it was open and had some security and firmware updates, could it have some relevance? Ps. in this step i put Y. cryfs /home/user/Vaults/folder/ /tmp/folder CryFS Version 0.10.2 Use default settings? Your choice [y/n]: y
Looks like you put the wrong directory in the cryfs command - it should not be the path to the location where vault shows the data when opened, but the path to encrypted data. If you didn't change the default path when creating the vault, it will be in your home directory under ~/.local/share/plasma-vault/ Apart from getting the path from plasmavaultrc, you can also find all directories where cryfs keeps its data by doing (this will search only under your user's home directory): find ~ -name 'cryfs.config' > when I did the apt upgrade, it was open and had some security and > firmware updates, could it have some relevance? An update should not have an influence over the user data.
(In reply to Ivan Čukić from comment #3) > Looks like you put the wrong directory in the cryfs command - it should not > be the path to the location where vault shows the data when opened, but the > path to encrypted data. If you didn't change the default path when creating > the vault, it will be in your home directory under > ~/.local/share/plasma-vault/ > > Apart from getting the path from plasmavaultrc, you can also find all > directories where cryfs keeps its data by doing (this will search only under > your user's home directory): > > find ~ -name 'cryfs.config' > > > when I did the apt upgrade, it was open and had some security and > > firmware updates, could it have some relevance? > > An update should not have an influence over the user data. Yes, I noticed my mistake there just now. - i give: Deriving encryption key (this can take some time)...done The filesystem id in the config file is different to the last time we loaded a filesystem from this basedir. This can be genuine if you replaced the filesystem with a different one. If you didn't do that, it is possible that an attacker did. Do you want to continue loading the file system? Your choice [y/n]: - Anyway, I think when I was trying to open it before seeking support, I might have corrupted or something similar to the file. Luckily, I had a backup in another encryption, so I guess there won't be any recovery. With everything considered, I appreciate the support!
Ivan, is there any way we can bubble up messages like this to the user?