周末办公室断电了,开发环境挂了,查出原因是数据“丢失”了。
使用了企业级加密文件系统eCryptfs,下面开始数据恢复的过程:
保存。
查看
恢复了!!
执行路径:必须在wrapped-passphrase文件所在路径
root@vbaas:/home/.ecryptfs/vbaas/.ecryptfs# ecryptfs-unwrap-passphrase wrapped-passphrase
Passphrase:
e26f5cd1e253d9dce9d9c3393309fcb4
产生的字符串后面需要使用,注意保存。
创建恢复数据的目录
root@vbaas:/home/.ecryptfs/vbaas/.ecryptfs# cd /home/
root@vbaas:/home# mkdir restore
一定要执行的:
vbaas@vbaas:/home$ sudo ecryptfs-add-passphrase --fnek
[sudo] password for vbaas:
Passphrase:
Inserted auth tok with sig [e2551c3b2203a93b] into the user session keyring
Inserted auth tok with sig [c5425ab9a537b0f7] into the user session keyring
中括号中,第二个的字符串是下一轮需要使用。注意保存。
进行数据恢复
vbaas@vbaas:/home$ sudo mount -t ecryptfs /home/.ecryptfs/vbaas/.Private/ /home/restore
Passphrase:
Select cipher:
1) aes: blocksize = 16; min keysize = 16; max keysize = 32
2) blowfish: blocksize = 8; min keysize = 16; max keysize = 56
3) des3_ede: blocksize = 8; min keysize = 24; max keysize = 24
4) twofish: blocksize = 16; min keysize = 16; max keysize = 32
5) cast6: blocksize = 16; min keysize = 16; max keysize = 32
6) cast5: blocksize = 8; min keysize = 5; max keysize = 16
Selection [aes]: 直接回车
Select key bytes:
1) 16
2) 32
3) 24
Selection [16]: 直接回车
Enable plaintext passthrough (y/n) [n]: 直接回车
Enable filename encryption (y/n) [n]: y 必须是y
Filename Encryption Key (FNEK) Signature [e2551c3b2203a93b]: c5425ab9a537b0f7 第二个中括号中的字符串
Attempting to mount with the following options:
ecryptfs_unlink_sigs
ecryptfs_fnek_sig=c5425ab9a537b0f7
ecryptfs_key_bytes=16
ecryptfs_cipher=aes
ecryptfs_sig=e2551c3b2203a93b
WARNING: Based on the contents of [/root/.ecryptfs/sig-cache.txt],
it looks like you have never mounted with this key
before. This could mean that you have typed your
passphrase wrong.
Would you like to proceed with the mount (yes/no)? : yes 必须是yes
Would you like to append sig [e2551c3b2203a93b] to
[/root/.ecryptfs/sig-cache.txt]
in order to avoid this warning in the future (yes/no)? : no
Not adding sig to user sig cache file; continuing with mount.
Mounted eCryptfs
查看恢复的数据:
vbaas@vbaas:/home$ ls restore/
config fabric_bootstrap.sh hyperledger-fabric-ca-linux-amd64-1.4.6.tar.gz
env_bootstrap.sh fabric.zip hyperledger-fabric-linux-amd64-2.0.1.tar.gz
fabric go1.13.5.linux-amd64.tar.gz