From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: from mx1.redhat.com (mx1.redhat.com [209.132.183.28]) by mail.saout.de (Postfix) with ESMTP for ; Sat, 6 Mar 2010 19:58:00 +0100 (CET) Message-ID: <4B92A5AF.4040601@redhat.com> Date: Sat, 06 Mar 2010 19:57:51 +0100 From: Milan Broz MIME-Version: 1.0 References: In-Reply-To: Content-Type: text/plain; charset=ISO-8859-1 Content-Transfer-Encoding: 7bit Subject: Re: [dm-crypt] LUKS password forgoten, any way how to change it? List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , To: Marek Stopka Cc: dm-crypt@saout.de On 03/06/2010 01:12 AM, Marek Stopka wrote: > Hi guys, I have forgotten password to my luks encrypted disk, I have > lost no data (yet :) ), because system is still running with unlocked > device, but problem is, that I have a scheduled hardware maintanance > window quite soon, so I was wondering is it somehow easily possible to > luksAddKey without knowing a password or recover password from memory > or it will be much more easier to copy those data somewhere else and > create a new encrypted disk? It is like 12TB of data so I would really > prefer not to copy those data somewhere else, but if I will have to, I > can pull that off... > > But I am wondering since key need to be in a memory somewhere there > could be a way... :) If the encrypted device is active and you are root... dmsetup table --showkeys recode master key from the table (from hexa) into binary and store to file cryptsetup luksAddKey --master-key-file (with cryptsetup 1.1.0) Milan