ecryptfs-stat
Show metadata about an ecryptfs-encrypted file
SYNOPSIS
ecryptfs-stat file
PARAMETERS
file
The path to the encrypted file for which to display metadata.
DESCRIPTION
The ecryptfs-stat command displays metadata about an ecryptfs-encrypted file. It provides information about the underlying encryption keys, file system state, and mount point configuration. This command is crucial for debugging ecryptfs-related issues, verifying encryption status, and understanding the underlying ecryptfs setup.
Because it exposes metadata that is not directly visible through standard filesystem operations, ecryptfs-stat is valuable for system administrators maintaining systems that rely on ecryptfs for data protection. It reveals which key is being used for encryption, allows checking for the presence of encrypted files, verifies mount state after possible interruptions, and offers debugging features, especially when combined with mount options and system logs.
Note that ecryptfs-stat does not allow modification of the underlying data or of the ecryptfs configuration itself. It provides a read-only view only.
CAVEATS
The command requires appropriate permissions to access the file being inspected. It operates only on ecryptfs-encrypted files; attempting to use it on a non-ecryptfs file will not yield meaningful results and may produce an error.
OUTPUT INTERPRETATION
The output displays information such as the encryption key fingerprint, whether the file is encrypted, and information about the underlying file in the lower file system. Pay close attention to key fingerprints to ensure the correct key is being used. A missing fingerprint may indicate problems with key management.
TYPICAL USES
ecryptfs-stat is used for:
- Verifying if a file is truly encrypted.
- Identifying the key used to encrypt a file.
- Troubleshooting mount and key issues.
- Ensuring proper configuration after system maintenance.
HISTORY
ecryptfs-stat was developed as part of the eCryptfs project, a stacked cryptographic filesystem for Linux. Its primary purpose has always been to provide administrators with a way to inspect the metadata of encrypted files within the eCryptfs system, facilitating debugging, verification, and overall management of ecryptfs deployments. It has been used since early versions of eCryptfs.
SEE ALSO
mount.ecryptfs(8), ecryptfsd(8), ecryptfs-setup-private(1)