Storing salt in the ext4 filesystem superblock for file-based encryption seem to be deprecated. I got this info from https://www.kernel.org/doc/html/v4.18/filesystems/fscrypt.html#getting-the-per-filesystem-salt (ioctl FS_IOC_GET_ENCRYPTION_PWSALT). On last kernel I wasn't able to decrypt directory (no salt error) but on last LTS there is not problem. Someone with more knowledge should check it out
- FS_IOC_GET_ENCRYPTION_PWSALT still works, it's just "deprecated", so I'm not sure what exactly caused your problem. Some old kernels had a bug where they allowed you to use the encryption ioctls without actually enabling the encryption feature, so maybe that's it.
- Anyway, since the
e4crypttool itself is also deprecated and no longer being updated (as it was really meant more as a demonstration, not as a proper user interface to filesystem encryption), I've updated the article to recommend using fscrypt instead.
fscryptstores its metadata in files, so it doesn't use the FS_IOC_GET_ENCRYPTION_PWSALT ioctl.
- Synchronicity (talk) 06:26, 23 September 2019 (UTC)