From d0fe3401cf0f5141b78a4b170dbef5c0bdc6535b Mon Sep 17 00:00:00 2001
From: rfjakob
Date: Sat, 29 Feb 2020 20:48:13 +0100
Subject: Created Restore gocryptfs.conf (markdown)

---
 Restore-gocryptfs.conf.md | 70 +++++++++++++++++++++++++++++++++++++++++++++++
 1 file changed, 70 insertions(+)
 create mode 100644 Restore-gocryptfs.conf.md

(limited to 'Restore-gocryptfs.conf.md')

diff --git a/Restore-gocryptfs.conf.md b/Restore-gocryptfs.conf.md
new file mode 100644
index 0000000..7aac379
--- /dev/null
+++ b/Restore-gocryptfs.conf.md
@@ -0,0 +1,70 @@
+If you lose your `gocryptfs.conf` but have saved your masterkey, you can create a new `gocryptfs.conf` like this:
+
+* Use `gocryptfs -init` to create a new config file (password does not matter)
+* Then use `gocryptfs -passwd -masterkey` to override the masterkey and set a new password
+
+### Complete example
+
+You create your filesystem and store data in it:
+
+```
+$ gocryptfs -init a
+Choose a password for protecting your files.
+Password: 
+Repeat: 
+
+Your master key is:
+
+    66a765c3-2868b607-ed6b8369-a1263c29-
+    1eac1192-26b5ea50-e48e73e5-76af82df
+
+If the gocryptfs.conf file becomes corrupted or you ever forget your password,
+there is only one hope for recovery: The master key. Print it to a piece of
+paper and store it in a drawer. This message is only printed once.
+The gocryptfs filesystem has been created successfully.
+You can now mount it using: gocryptfs a MOUNTPOINT
+
+$ gocryptfs a b
+Password: 
+Decrypting master key
+Filesystem mounted and ready.
+
+$ echo "hello world" > b/hello.txt
+
+$ fusermount -u b
+```
+
+Disaster strikes: Your gocryptfs.conf is lost:
+```
+$ rm a/gocryptfs.conf 
+rm: remove write-protected regular file 'a/gocryptfs.conf'? y
+```
+
+Restore gocryptfs.conf using the masterkey:
+```
+$ mkdir tmp
+
+$ gocryptfs -init tmp
+[...]
+
+$ mv tmp/gocryptfs.conf a
+
+$ gocryptfs -passwd -masterkey 66a765c3-2868b607-ed6b8369-a1263c29-1eac1192-26b5ea50-e48e73e5-76af82df a
+Using explicit master key.
+THE MASTER KEY IS VISIBLE VIA "ps ax" AND MAY BE STORED IN YOUR SHELL HISTORY!
+ONLY USE THIS MODE FOR EMERGENCIES
+Please enter your new password.
+Password: 
+Repeat: 
+A copy of the old config file has been created at "/tmp/tmp.lopzg3o5Yo/a/gocryptfs.conf.bak".
+Delete it after you have verified that you can access your files with the new password.
+Password changed.
+
+$ gocryptfs a b
+Password: 
+Decrypting master key
+Filesystem mounted and ready.
+
+$ cat b/hello.txt 
+hello world
+```
\ No newline at end of file
-- 
cgit v1.2.3