All of lore.kernel.org
 help / color / mirror / Atom feed
From: Arno Wagner <arno@wagner.name>
To: dm-crypt@saout.de
Subject: Re: [dm-crypt] Data recovery
Date: Sat, 8 Oct 2011 18:22:51 +0200	[thread overview]
Message-ID: <20111008162251.GA798@tansi.org> (raw)
In-Reply-To: <CACALU9Lz-1d1HwgHD7oYxvRTeEBH7bx_tsUswoyvtQb=DpLSYg@mail.gmail.com>

On Sat, Oct 08, 2011 at 02:28:28PM +0200, Nico Gevers wrote:
> Hi
> 
> I've recently decided to encrypt all my drives using luks, running on ubuntu
> 11.10. I encrypted my external drive, and loaded all my backups onto the
> drive. One morning, I tried accessing the drive, and it wouldn't accept my
> key phrase. I tried a couple of times, even tried some variations, but no
> avail. Then I stupidly thought of running fsck on the drive. I fixed a
> couple of innodes, but then stopped, realising that I was probably doing
> more harm than good.
> 
> When I run luksDump on that drive, I get all the expected information. My
> question is: is the header still intact. Is there any chance I can recover
> my data, owing to the fact that luksDump displays, what seems to me, a valid
> header? (I'm assuming that if luksDump shows the information, the header is
> intact).

The header itself may be intact. But the problem here is the keyslots.
If they are damaged, the only thing that can save your data is a header
backup.

What I wonder is why fsck was even willing to run. Due to the encryption,
it will have seen absolutely nothing that looks like a filesystem.
It also is quite possible that it 'fixed' things in the keyslot area.

In addition, there is the question for the reason fo the initial
fail.

So, what you do now is make a header backup (procedure is in the
FAQ) und analyse that. First, find out in which keyslot your key
is (likely the first), then look at the FAQ section on on-disk 
format and look at the encrypted keyslot with a hex-dump
tool, e.g. hd. If there is anything looking regular in the
keyslot area, apply procedure for dealing with permanent data
loss, also described in the FAQ.

You can of course ask for further advice here, but it is impossible
to answer your question without looking at that keyslot data.

Arno
-- 
Arno Wagner, Dr. sc. techn., Dipl. Inform., CISSP -- Email: arno@wagner.name 
GnuPG:  ID: 1E25338F  FP: 0C30 5782 9D93 F785 E79C  0296 797F 6B50 1E25 338F
----
Cuddly UI's are the manifestation of wishful thinking. -- Dylan Evans

If it's in the news, don't worry about it.  The very definition of 
"news" is "something that hardly ever happens." -- Bruce Schneier 

  reply	other threads:[~2011-10-08 16:22 UTC|newest]

Thread overview: 8+ messages / expand[flat|nested]  mbox.gz  Atom feed  top
2011-10-08 12:28 [dm-crypt] Data recovery Nico Gevers
2011-10-08 16:22 ` Arno Wagner [this message]
2011-10-08 17:42   ` Nico Gevers
2011-10-08 20:02     ` Arno Wagner
2011-10-09 17:17       ` Nico Gevers
2011-10-09 17:51         ` Arno Wagner
2011-10-09 18:54           ` Nico Gevers
2011-10-23 22:03           ` Anna

Reply instructions:

You may reply publicly to this message via plain-text email
using any one of the following methods:

* Save the following mbox file, import it into your mail client,
  and reply-to-all from there: mbox

  Avoid top-posting and favor interleaved quoting:
  https://en.wikipedia.org/wiki/Posting_style#Interleaved_style

* Reply using the --to, --cc, and --in-reply-to
  switches of git-send-email(1):

  git send-email \
    --in-reply-to=20111008162251.GA798@tansi.org \
    --to=arno@wagner.name \
    --cc=dm-crypt@saout.de \
    /path/to/YOUR_REPLY

  https://kernel.org/pub/software/scm/git/docs/git-send-email.html

* If your mail client supports setting the In-Reply-To header
  via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.