From: Arno Wagner <arno@wagner.name>
To: dm-crypt@saout.de
Subject: Re: [dm-crypt] openLuks failing - semaphore weird bug involved ?
Date: Thu, 8 Sep 2011 20:11:13 +0200
Message-ID: <20110908181113.GA32583@tansi.org>
In-Reply-To: <CANGzC2zfxuOyi4yys+aMgkbXXMG7fsz6YXaWPo6dQdgd_R4XOw@mail.gmail.com>
On Thu, Sep 08, 2011 at 11:46:42AM -0400, Ric Flomag wrote:
> Claudio and Arno,
>
> Thank you for your kind help. I have tried the following:
> * manually unlock the partition with a Fedora 15 live (it has cryptsetup
> 1.3), and with an Ubuntu 11.04 live (which has 1.1 without the updates
> installed on my system). No luck, cryptsetup returns "no available key".
> * looked at the hex data of the keyslot (between 0x01000 and 0x20400) : no
> obvious patterns
Which does not mean no patterns. This is the likely explanation.
The key-slots do not have any checksums, as that would decrease
security.
As this problem crops up frequently, I do have a tool under
development that does frequency-analysis on the keyslots
in a sector-wise fashion, but I currently have no time to
finish it. This should be one order of magnitude or so better
than looking at it.
> As for a possible problem with seahorse: I use the same password on both
> hard drives, seahorse shows them correctly, I can manually unlock the other
> hard drive with the password and with seahorse... so I don't think that the
> problem lies here.
Agreed.
> Unfortunately I had not backed up the header nor retrieved the master key.
> It's ok though, this hard drive only contains backups and unimportant stuff.
> I'll just format the partition if I don't find a solution. And then backup
> the header and the master key :D
:-)
You can protect the backup, e.g. by encrypting it with GnuPG.
> What worries me is that I have no clue what happened. Is damage to the header
> possible without any signs of it?
Well, if some random-looking data was copied into it, that is hard to
spot. A frequency-analysis would help, but takes some work to
implement. The easy and reliable way would be to compare the
header with its backup.
I do agree that header damage should not happen in an ideal world.
However, from the questions asked here, header damage is a not so
infrequent problem. That is one of the reasons I wrote the FAQ ;-)
Arno
--
Arno Wagner, Dr. sc. techn., Dipl. Inform., CISSP -- Email: arno@wagner.name
GnuPG: ID: 1E25338F FP: 0C30 5782 9D93 F785 E79C 0296 797F 6B50 1E25 338F
----
Cuddly UI's are the manifestation of wishful thinking. -- Dylan Evans
If it's in the news, don't worry about it. The very definition of
"news" is "something that hardly ever happens." -- Bruce Schneier
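
A sketch of the sector-wise frequency analysis mentioned in the message above, added here as an example; it is not Arno Wagner's tool and not code from the thread. The keyslot bounds 0x01000 to 0x20400 are the ones quoted in the thread; the 512-byte sector size, the 7.0 bits/byte threshold and the sample image are assumptions constructed for the example.

```python
import math
import os
from collections import Counter

SECTOR = 512           # assumed sector size
SLOT_START = 0x01000   # keyslot area bounds as quoted in the thread
SLOT_END = 0x20400
THRESHOLD = 7.0        # assumed cutoff in bits per byte

def sector_entropy(sector: bytes) -> float:
    """Shannon entropy of the byte histogram, in bits per byte (0.0 to 8.0)."""
    n = len(sector)
    return sum(c / n * math.log2(n / c) for c in Counter(sector).values())

def suspicious_sectors(image: bytes, start=SLOT_START, end=SLOT_END,
                       threshold=THRESHOLD):
    """Return [(offset, entropy)] for full sectors in [start, end) whose
    byte distribution is too regular to be key material."""
    hits = []
    for off in range(start, min(end, len(image)), SECTOR):
        chunk = image[off:off + SECTOR]
        if len(chunk) < SECTOR:
            break  # ignore a truncated trailing sector
        h = sector_entropy(chunk)
        if h < threshold:
            hits.append((off, h))
    return hits

def constructed_image() -> bytes:
    """Constructed sample: random keyslot area with two damaged sectors."""
    img = bytearray(os.urandom(SLOT_END))
    img[0x3000:0x3200] = bytes(SECTOR)                      # zeroed sector
    img[0x8000:0x8200] = (b"constructed text run " * 25)[:SECTOR]  # text-like
    return bytes(img)

if __name__ == "__main__":
    # For a real check, pass the first SLOT_END bytes of a header copy instead.
    for off, h in suspicious_sectors(constructed_image()):
        print(f"0x{off:06x}: {h:.2f} bits/byte")
```

An intact keyslot sector scores roughly 7.5 to 7.6 bits/byte at this sample size. A sector overwritten with random-looking data scores the same, so only a comparison with a header backup catches that case.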