0
I have encrypted private folder.
In mount options there are two sigs: ecryptfs_fnek_sig and ecryptfs_sig.
When I call keyctl show
it shows, that I have two keys represented by these sigs. But actually I have only one key in my wraped-passphrase file.
So my question is: where the second key comes from?
And additional question: what happens if I don't specify fnek_sig in mount options (provided I have file names encrypted)?