From: ken <gebser@mousecar.com>
To: dm-crypt@saout.de
Subject: Re: [dm-crypt] recovering forgotten passwords for 2 LVs
Date: Mon, 22 Aug 2011 10:48:54 -0400 [thread overview]
Message-ID: <4E526C56.7080202@mousecar.com> (raw)
In-Reply-To: <4E4BFE0C.3040703@mousecar.com>
On 08/17/2011 01:44 PM ken wrote:
> Having searched through the archives and read the FAQ list, I know this
> isn't going to be easy, but I have to give it a try anyway. Yes, I'm
> yet another guy who forgot his LUKS password. And I encrypted both the
> system and data LVs (when I first installed CentOS/Linux). After a
> couple days trying out various passphrases (going through my three
> chances and then having to shut down and restart the machine to get
> another three chances) and not succeeding, I removed the drive and put
> it into a drive enclosure, then attached it (via USB) to an older but
> working system. Now I can read only the /boot partition of that drive....
Over the weekend I read a bunch more documentation, got a spare drive
connected, and on it created an encrypted partition containing a Linux
LVMed filesystem (ext3 if it matters... same as the on the disk I'm
trying to get back). I did all this to test and refine a script I
created so I can input possible/likely passphrases and see which of them
might work. My script works fine on the one encrypted partition I
created on the test disk. I have a concern though.
When booting the disk I'm locked out of, it would prompt me twice...
because, as explained above, the partition contained two encrypted
logical volumes... so I was prompted for passphrases for each. In fact,
if I failed to input the correct passphrase for the first LV, I'd still
be prompted for the passphrase for the second LV. When I do "cryptsetup
isLuks /dev/sda5" the error code (0) tells me I've got an encrypted
device... but just one. Using luksDump likewise shows just one instance
of something (?) encrypted.
Why is this, when I know there to be *two* encrypted LVs on that
partition/device?
Most importantly, when I run
echo -n "$PASS PHRASE" |/sbin/cryptsetup luksOpen /dev/sdb5 name1
is cryptsetup going to be talking to one or the other encrypted LVs...?
and if so, which one?
Thanks^128,
ken
next prev parent reply other threads:[~2011-08-22 14:55 UTC|newest]
Thread overview: 16+ messages / expand[flat|nested] mbox.gz Atom feed top
2011-08-17 17:44 [dm-crypt] recovering forgotten password ken
2011-08-17 19:35 ` Arno Wagner
2011-08-17 19:40 ` Arno Wagner
2011-08-22 14:48 ` ken [this message]
2011-08-22 16:19 ` [dm-crypt] recovering forgotten passwords for 2 LVs Yves-Alexis Perez
2011-08-22 22:33 ` ken
2011-08-22 22:53 ` Milan Broz
2011-08-23 0:23 ` ken
2011-08-23 7:43 ` Yves-Alexis Perez
2011-08-23 9:35 ` ken
2011-08-23 11:59 ` ken
2011-08-23 12:57 ` Arno Wagner
2011-08-23 13:39 ` ken
2011-08-22 17:16 ` Arno Wagner
2011-08-23 13:17 ` ken
2011-08-23 13:47 ` Arno Wagner
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=4E526C56.7080202@mousecar.com \
--to=gebser@mousecar.com \
--cc=dm-crypt@saout.de \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.