From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: from mail-wm0-x232.google.com (mail-wm0-x232.google.com [IPv6:2a00:1450:400c:c09::232]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by mail.server123.net (Postfix) with ESMTPS for ; Thu, 25 Feb 2016 17:37:25 +0100 (CET) Received: by mail-wm0-x232.google.com with SMTP id g62so39472953wme.0 for ; Thu, 25 Feb 2016 08:37:25 -0800 (PST) References: <20160225160849.21765320@othir.localdomain> From: Milan Broz Message-ID: <56CF2DC2.6050008@gmail.com> Date: Thu, 25 Feb 2016 17:37:22 +0100 MIME-Version: 1.0 In-Reply-To: <20160225160849.21765320@othir.localdomain> Content-Type: text/plain; charset=windows-1252 Content-Transfer-Encoding: 7bit Subject: Re: [dm-crypt] help List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , To: Felix Wagner , dm-crypt@saout.de On 02/25/2016 04:08 PM, Felix Wagner wrote: > Hello, > > I tried to reencrypt my device today and was way too eager to do it > without reading everything. Heres what I did: > > 'cryptsetup-reencrypt -v -c aes-xts-plain64 -s > 512 /dev/disk/by-uuid/2ea1bb9e-a4a0-48c8-bc67-a694fa6c8cf7 > Reencryption will change: volume key, set cipher to aes-xts-plain64. > Enter passphrase for key slot 0: > Key slot 0 unlocked. > LUKS header backup of > device /dev/disk/by-uuid/2ea1bb9e-a4a0-48c8-bc67-a694fa6c8cf7 created. > Data offset for detached LUKS header must be either 0 or higher than > header size (4036 sectors). Creation of LUKS backup headers failed. > > So i thought well It didn't work so lets try again: > > cryptsetup-reencrypt -v -c > aes-xts-plain64 /dev/disk/by-uuid/2ea1bb9e-a4a0-48c8-bc67-a694fa6c8cf7 > Reencryption will change: volume key, set cipher to aes-xts-plain64. > Enter passphrase for key slot 0: > Key slot 0 unlocked. > LUKS header > backup of device /dev/disk/by-uuid/2ea1bb9e-a4a0-48c8-bc67-a694fa6c8cf7 > created. > New LUKS header for > device /dev/disk/by-uuid/2ea1bb9e-a4a0-48c8-bc67-a694fa6c8cf7 created. > Activated keyslot 0. > Marking LUKS > device /dev/disk/by-uuid/2ea1bb9e-a4a0-48c8-bc67-a694fa6c8cf7 unusable. > Activating temporary device using old LUKS header. > Key slot 0 unlocked. > Cannot get info about > device /dev/disk/by-uuid/2ea1bb9e-a4a0-48c8-bc67-a694fa6c8cf7. > Activation of temporary devices failed. > > Now it says that the device is not a luks device anymore. I do not have > a header backup (I'm an idiot) what I do have is the luksDump > information and I have not rebooted my system: Do you have these files still in current directory? LUKS-ea1bb9e-a4a0-48c8-bc67-a694fa6c8cf7.log LUKS-ea1bb9e-a4a0-48c8-bc67-a694fa6c8cf7.new LUKS-ea1bb9e-a4a0-48c8-bc67-a694fa6c8cf7.org If so, save them. *.log is reencryption log. If you run reencrypt in directory with these files, reencryption will resume. If it did not started yet, *.org is header backup and you can use it to restore old device state. (If reencryption already started some part of device is already reencrypted so you have to finish that operation.) Please can you paste here content of the *.log file? (It is text file containing reencryption context.) (In theory, if reencryption did not really started yet the initial header is still on-device, just with different magic string, so recovery could be still possible just with simple on-disk edit.) Milan