ecryptfs-utils - ecryptfs cryptographic filesystem (utilities)

Distribution: Ubuntu 16.04 LTS (Xenial Xerus)
Repository: Ubuntu Main amd64
Package name: ecryptfs-utils
Package version: 111
Package release: 0ubuntu1
Package architecture: amd64
Package type: deb
Installed size: 564 B
Download size: 103.23 KB
Official Mirror:
eCryptfs is a POSIX-compliant enterprise-class stacked cryptographic filesystem for Linux. It provides advanced key management and policy features. eCryptfs stores cryptographic metadata in the header of each file written, so that encrypted files can be copied between hosts; the file will be decryptable with the proper key, and there is no need to keep track of any additional information aside from what is already in the encrypted file itself. Think of eCryptfs as a sort of "gnupgfs". eCryptfs is a native Linux filesystem. The kernel module component of eCryptfs is part of the Linux kernel since 2.6.19. This package contains the userland utilities.



    Source package: ecryptfs-utils

    Install Howto

    1. Update the package index:
      # sudo apt-get update
    2. Install ecryptfs-utils deb package:
      # sudo apt-get install ecryptfs-utils


    • /lib/security/
    • /sbin/mount.ecryptfs
    • /sbin/mount.ecryptfs_private
    • /sbin/umount.ecryptfs
    • /sbin/umount.ecryptfs_private
    • /usr/bin/ecryptfs-add-passphrase
    • /usr/bin/ecryptfs-find
    • /usr/bin/ecryptfs-insert-wrapped-passphrase-into-keyring
    • /usr/bin/ecryptfs-manager
    • /usr/bin/ecryptfs-migrate-home
    • /usr/bin/ecryptfs-mount-private
    • /usr/bin/ecryptfs-recover-private
    • /usr/bin/ecryptfs-rewrap-passphrase
    • /usr/bin/ecryptfs-rewrite-file
    • /usr/bin/ecryptfs-setup-private
    • /usr/bin/ecryptfs-setup-swap
    • /usr/bin/ecryptfs-stat
    • /usr/bin/ecryptfs-umount-private
    • /usr/bin/ecryptfs-unwrap-passphrase
    • /usr/bin/ecryptfs-verify
    • /usr/bin/ecryptfs-wrap-passphrase
    • /usr/bin/ecryptfsd
    • /usr/lib/ecryptfs/
    • /usr/share/doc/ecryptfs-utils/AUTHORS
    • /usr/share/doc/ecryptfs-utils/README.gz
    • /usr/share/doc/ecryptfs-utils/THANKS
    • /usr/share/doc/ecryptfs-utils/changelog.Debian.gz
    • /usr/share/doc/ecryptfs-utils/copyright
    • /usr/share/doc/ecryptfs-utils/ecryptfs-faq.html
    • /usr/share/ecryptfs-utils/ecryptfs-mount-private.desktop
    • /usr/share/ecryptfs-utils/ecryptfs-mount-private.txt
    • /usr/share/ecryptfs-utils/ecryptfs-record-passphrase
    • /usr/share/ecryptfs-utils/ecryptfs-setup-private.desktop
    • /usr/share/lintian/overrides/ecryptfs-utils
    • /usr/share/man/man1/ecryptfs-add-passphrase.1.gz
    • /usr/share/man/man1/ecryptfs-find.1.gz
    • /usr/share/man/man1/ecryptfs-generate-tpm-key.1.gz
    • /usr/share/man/man1/ecryptfs-insert-wrapped-passphrase-into-keyring.1.gz
    • /usr/share/man/man1/ecryptfs-mount-private.1.gz
    • /usr/share/man/man1/ecryptfs-recover-private.1.gz
    • /usr/share/man/man1/ecryptfs-rewrap-passphrase.1.gz
    • /usr/share/man/man1/ecryptfs-rewrite-file.1.gz
    • /usr/share/man/man1/ecryptfs-setup-private.1.gz
    • /usr/share/man/man1/ecryptfs-setup-swap.1.gz
    • /usr/share/man/man1/ecryptfs-stat.1.gz
    • /usr/share/man/man1/ecryptfs-umount-private.1.gz
    • /usr/share/man/man1/ecryptfs-unwrap-passphrase.1.gz
    • /usr/share/man/man1/ecryptfs-verify.1.gz
    • /usr/share/man/man1/ecryptfs-wrap-passphrase.1.gz
    • /usr/share/man/man1/mount.ecryptfs_private.1.gz
    • /usr/share/man/man1/umount.ecryptfs_private.1.gz
    • /usr/share/man/man7/ecryptfs.7.gz
    • /usr/share/man/man8/ecryptfs-manager.8.gz
    • /usr/share/man/man8/ecryptfs-migrate-home.8.gz
    • /usr/share/man/man8/ecryptfsd.8.gz
    • /usr/share/man/man8/mount.ecryptfs.8.gz
    • /usr/share/man/man8/pam_ecryptfs.8.gz
    • /usr/share/man/man8/umount.ecryptfs.8.gz
    • /usr/share/pam-configs/ecryptfs-utils


    2016-02-26 - Dustin Kirkland <> ecryptfs-utils (111-0ubuntu1) xenial; urgency=medium * src/utils/ecryptfs-setup-private: LP: #1328689 - fix a long standing bug, where setting up an encrypted private, encrypted home, or migrating to an encrypted home did not work correctly over ssh sessions - the root cause of the bug is some complexity in the handling of user keyrings and session keyrings - the long term solution would be to correctly use session keyrings - the short term solution is to continue linking user and session keyrings * xenial

    2016-02-23 - Dustin Kirkland <> ecryptfs-utils (110) xenial; urgency=medium [ Tyler Hicks ] * Remove unnecessary dependencies in the Debian packaging (LP: #1548975) - debian/control: Remove opencryptoki from ecryptfs-utils Suggests and libopencryptoki-dev from libecryptfs-dev Depends as openCryptoki is not a dependency of eCryptfs. - debian/rules: Remove openCryptoki related logic since it was not being used and is no longer needed - debian/control: Remove libtspi-dev from libecryptfs-dev Depends since --disable-tspi is passed to the configure script - debian/control: Remove libpkcs11-helper1-dev from libecryptfs-dev Depends since --disable-pkcs11-helper is passed to the configure script - debian/control: Remove libgpg-error-dev and libgpgme11-dev from libecryptfs-dev Depends since --disable-gpg is passed to the configure script - debian/control: Remove libgcrypt11-dev from Build-Depends and libecryptfs-dev Depends since --enable-nss is passed to the configure script to use NSS instead of Libgcrypt - debian/control: Remove libkeyutils-dev and libpam0g-dev from libecryptfs-dev Depends since these are build-time dependencies and not run-time dependencies

    2016-01-22 - Dustin Kirkland <> ecryptfs-utils (109) xenial; urgency=medium [ Maikel ] * doc/manpage/ecryptfs-migrate-home.8: Fix typos in man page (LP: #1518787) [ Kylie McClain ] * src/utils/mount.ecryptfs.c, src/utils/mount.ecryptfs_private.c: Fix build issues on musl libc (LP: #1514625) [ Colin Ian King ] * src/daemon/main.c: - Static analysis with Clang's scan-build shows that we can potentially overflow the input buffer if the input is equal or more than the buffer size. Need to guard against this by: 1. Only reading in input_size - 1 chars 2. Checking earlier on to see if input_size is value to insure that we read in at least 1 char [ Tyler Hicks ] * src/utils/mount.ecryptfs_private.c: - Refuse to mount over non-standard filesystems. Mounting over certain types filesystems is a red flag that the user is doing something devious, such as mounting over the /proc/self symlink target with malicious content in order to confuse programs that may attempt to parse those files. (LP: #1530566)