From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: from mail.saout.de ([127.0.0.1]) by localhost (mail.saout.de [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id qj7zAUnQ-I3Z for ; Thu, 8 Sep 2011 20:11:15 +0200 (CEST) Received: from v4.tansi.org (ns.km33513-03.keymachine.de [87.118.94.3]) by mail.saout.de (Postfix) with ESMTP for ; Thu, 8 Sep 2011 20:11:14 +0200 (CEST) Received: from gatewagner.dyndns.org (84-74-162-232.dclient.hispeed.ch [84.74.162.232]) by v4.tansi.org (Postfix) with ESMTPA id D6B761404001 for ; Thu, 8 Sep 2011 20:11:13 +0200 (CEST) Date: Thu, 8 Sep 2011 20:11:13 +0200 From: Arno Wagner Message-ID: <20110908181113.GA32583@tansi.org> References: MIME-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline In-Reply-To: Subject: Re: [dm-crypt] openLuks failing - semaphore weird bug involved ? List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , To: dm-crypt@saout.de On Thu, Sep 08, 2011 at 11:46:42AM -0400, Ric Flomag wrote: > Claudio and Arno, > > Thank you for your kind help. I have tried the following: > * manually unlock the partition with a Fedora 15 live (it has cryptsetup > 1.3), and with an Ubuntu 11.04 live (which has 1.1 without the updates > installed on my system). No luck, cryptsetup returns "no available key". > * looked at the hex data of the keyslot (between 0x01000 and 0x20400) : no > obvious patterns Which does not mean no patterns. This is the likely explanation. The key-slots do not have any checksums, as that would decrease security. As this problem crops up frequantly, I do have a tool under development that does frequency-analysis on the keyslots in a sector-wise fashion, but I currently have no time to finish it. This should be one order of magnitude or so better than looking at it. > As for a possible problem with seahorse: I use the same password on both > hard drives, seahorse shows them correctly, i can manually unlock the other > hard drive with the password and with seahorse... so I don't think that the > problem lies here. Agreed. > Unfortunately i had not backed up the header nor retrieved the master key. > It's ok though, this hard drive only contains backups and unimportant stuff. > I'll just format the partition if I don't find a solution. And then backup > the header and the master key :D :-) You can protect the backup, e.g. by encrypting it with GnuPG. > What worries me is that I have no clue what happened. A damage to the header > is it possible without any signs of it ? Well, if some random-looking data was copied into it, that is hard to spot. A frequency-analysis would help, but takes some work to implement. The easy and reliable way would be to compare the header with its backup. I do agree that header damage should not happen in an ideal world. However, from the questions asked here, header damage is a not so infrequent problem. That is one of the reasons I wrote the FAQ ;-) Arno -- Arno Wagner, Dr. sc. techn., Dipl. Inform., CISSP -- Email: arno@wagner.name GnuPG: ID: 1E25338F FP: 0C30 5782 9D93 F785 E79C 0296 797F 6B50 1E25 338F ---- Cuddly UI's are the manifestation of wishful thinking. -- Dylan Evans If it's in the news, don't worry about it. The very definition of "news" is "something that hardly ever happens." -- Bruce Schneier