• Skip to main content
  • Skip to primary sidebar
  • Skip to footer

Data Recovery Pit

The Data Recovery Expert

  • Best
  • Guides
  • Reviews
Home / Guides

March 18, 2023 Pratheep

How to Recover an Encrypted Drive on Ubuntu?

Ubuntu Encryption

Linux, despite sharing a smaller percentage of the global desktop OS market; holds a dear place in the hearts of many users. It is fun to use and offers limitless customization. Furthermore, the platform affords freedom as it is open source. However, to actually dive deep into the OS, one needs significant knowledge and know-how. Take, for example, recovering files from an encrypted disk. Though the process is not that complicated for Windows or even macOS, users might find themselves confused when it comes to Ubuntu, a Linux distro. Hence, we have prepared this article to guide our readers through the recovery process once and for all.

This article describes the commands for several methods. If you don’t know what you are doing, you probably shouldn’t do it. Get someone who is familiar with Ubuntu commands do it for you. If something goes wrong, you may permanently lose your data.

Table of Contents

  • What is an Encrypted Drive?
  • Method 1. Recovering Data Automatically
  • Method 2. Recovering Data Manually
  • Method 3. Using Live CD
  • FAQ

What is an Encrypted Drive?

Ubuntu is a modern, fast, stable, and open-source OS for the Linux enterprise server, desktop, and cloud. It is a popular distro that is based on Debian and entails mostly free and open-source software. The distro is officially available in three editions: Desktop, Server, and Core for IoT devices and robotics. Although, each edition can run independently on a PC or a VM (Virtual Machine).

An encrypted drive is a drive on your machine that is encrypted by a key. The data cannot be accessed without decrypting. In most cases, the only way to do that is to have the key. Otherwise, the data will be lost forever. However, there are mechanisms to overcome this and retrieve the data.

Method 1. Recovering Data Automatically

The first method utilizes the Command Terminal to render the recovery process automatically. Although there are a couple of prerequisites that are:

  • User should remember the password associated to the encrypted drive.
  • User must remember the path to his encrypted files.

The steps are as follows:

Step 1. Boot your system where you have the encrypted drive, using either a Live CD or USB.

Step 2. Ensure that the target encrypted drive is mounted, otherwise you won’t be able to access it.

Step 3. Now, run the command terminal by pressing the Ctrl + Alt + T keys.

Step 4. After that, run the following command:

sudo ecryptfs-recover-private /media/host_user/disk_identifier/home/.ecryptfs/target_user/.Private

Here, host_user is the boot OS login name, target_user is the encrypted drive username. The disk_identifier will be something like (ext2 or ext3)

Step 5. Finally, enter the password when required and follow the prompts to access the decrypted files.

Method 2. Recovering Data Manually

The manual method of recovering data can be quite dangerous and only used in emergencies or in unusual cases where the potential loss of data won’t be a serious problem. In this process, the user is required to manually mount the encrypted drive. The steps are:

Step 1. First, those users who are using encrypted filenames should follow this:

sudo ecryptfs-add-passphrase --fnek

Step 2. Enter the Passphrase (Password created during encryption). Do not confuse it with your login Passphrase.

Step 3. Now, mount the drive. Be sure to replace “username” with your actual username.

sudo mkdir -p /home/username/Private
sudo mount -t ecryptfs /home/username/.Private /home/username/Private

Step 4. After that, choose the 3rd selection and enter your Passphrase.

Step 5. Next, select the AES cipher and a 16-bit key.

Step 6. Then enable both Plaintext Passthrough and Filename Encryption and enter the FNEK (Filename Encryption Key) that you wrote down previously.

Step 7. Finally, you can access your encrypted files.

Method 3. Using Live CD

Users can use a Live CD in two ways to open an encrypted drive. Although the first method is a long one, it is traditional, stable, and offers more functionality. On the other hand, the second method is advanced though it requires the user to have thorough knowledge regarding the system and partitions. If you need a better idea, have a look at recovering Ubuntu partition.

Traditional Method

The steps are as follows:

Step 1. First, mount the Linux partitions.

We recommend using nautilus package (the official file manager for the GNOME desktop) for this. The command to install nautilus is:

sudo apt-get install nautilus

Step 2. Now, find your Linux partitions.

sudo fdisk -l

Step 3. Then find the encrypted drive by using this command:

sudo find / -type d -iname '.Private' 2>/dev/null

Step 4. After that, enter the Passphrase that was generated at the time of encryption.

sudo ecryptfs-add-passphrase --fnek 

Step 5. Here, you will be asked to enter the Passphrase. After that, mount the encrypted drive.

sudo mount -t ecryptfs sdtm ldm

Step 6. Next, you have to create a directory.

sudo mkdir /home/username

Step 7. Finally, select the cypher and byte key as AES and 16-bit. Then enable plaintext passthrough and filename encryption.

Advanced Method

Now, for the advanced method, the steps are:

Step 1. Start by installing nautilus.

sudo apt-get install nautilus

Step 2. Then, find the relevant partitions.

sudo fdisk -l
df -h

Step 3. Unmount the drives (change the partition numbers accordingly).

umount /dev/sda1
umount /dev/sda6

Step 4. Then remount them again.

sudo mount /dev/sda1 /mnt
sudo mount /dev/sda6 /mnt/home

Step 5. It’s time to setup chroot.

sudo mount -o bind /dev /mnt/dev
sudo mount -o bind /dev/shm/ /mnt/dev/shm
sudo mount -o bind /proc /mnt/proc
sudo mount -o bind /sys /mnt/sys

Step 6. Execute chroot.

sudo chroot /mnt /bin/bash

Step 7. Finally, decrypt home.

sudo ecryptfs-mount-private

FAQ

What to do if I have bad sectors in the drive?

If you have bad sectors in your drive which is problematic and preventing you from decrypting the drive, you can read our article on how to recover bad sectors on Ubuntu. It will help you to solve the problem.

Ubuntu

Next Article
How to Recover Ubuntu Bash
Wattpad Account Recovery Process Explained

Primary Sidebar

Author

Pratheep

Pratheep is a passionate writer specialized in data and account recovery. He loves helping people in getting back their data or getting access to their lost accounts.

Related Posts

Footer

data-recovery-pit-logo
Info
  • About
  • Privacy Policy
  • Terms and Conditions
  • Contact Us
Site
  • Sitemap
  • Services
  • Advertise
  • Disclaimer
  • Facebook
  • Twitter
  • Pinterest

Copyright © 2025 · Data Recovery Pit

This site uses cookies to serve you better. By continuing to use this website, you agree to our cookie and Privacy Policy.