* label written on top of the header
@ 2025-06-25 14:05 Dominik Rak
2025-06-25 14:16 ` Milan Broz
0 siblings, 1 reply; 2+ messages in thread
From: Dominik Rak @ 2025-06-25 14:05 UTC (permalink / raw)
To: cryptsetup
hello
i have overwritten a part of the luks2 header with an mbr label but the 2nd binary header and 2nd json area and everything after it is fully intact
i am coming back to this after a long long break because when i saw "By far the most questions on the cryptsetup mailing list are from people that managed to damage the start of their LUKS partitions, i.e. the LUKS header. In most cases, there is nothing that can be done to help these poor souls recover their data." i decided to give up
but now i decided to do some more digging and it seems to me that it is recoverable
i created a new volume with the same settings to see how it should look like and then on a copy of the original drive i changed the starting part to be the same as the one from the new volume (the LUKS ... @ ... sha256 ...) and the rest from the 2nd binary header and 2nd json in the place where the 1st ones should be using hexedit and then that looked like a normal working luks header
but that didnt work, so now im here
if the command is:
cryptsetup luksOpen <device> <name>
then does the <name> matter in decryption? or can it be anything? because if it cant be anything then i dont remember it nor have access to it after such a long time
also after creating a few sample volumes i have noticed that the area where the 1st binary header and 1st json area are compared to the area where the 2nd binary header and 2nd json area are is not identical because there is some undocumented something, unspecified in the https://gitlab.com/cryptsetup/LUKS2-docs/blob/main/luks2_doc_wip.pdf , if its not random then it was overwritten by the label
and the last thing i can think of, does the uuid of the device matter in decryption?
im sorry for bothering but please tell me what to do, if anything can be done
^ permalink raw reply [flat|nested] 2+ messages in thread
* Re: label written on top of the header
2025-06-25 14:05 label written on top of the header Dominik Rak
@ 2025-06-25 14:16 ` Milan Broz
0 siblings, 0 replies; 2+ messages in thread
From: Milan Broz @ 2025-06-25 14:16 UTC (permalink / raw)
To: Dominik Rak, cryptsetup
On 6/25/25 4:05 PM, Dominik Rak wrote:
> hello
> i have overwritten a part of the luks2 header with an mbr label but the 2nd binary header and 2nd json area and everything after it is fully intact
If it is LUKS2, then crypsetup repair <device> should fix it automatically.
Always create a backup (dd first 16 MB if header is corrupted and you cannot use luksHederBackup command).
...
> also after creating a few sample volumes i have noticed that the area where the 1st binary header and 1st json area are compared to the area where the 2nd binary header and 2nd json area are is not identical because there is some undocumented something, unspecified in the https://gitlab.com/cryptsetup/LUKS2-docs/blob/main/luks2_doc_wip.pdf , if its not random then it was overwritten by the label
What exactly is not documented? There is some random data, the reason is explained in spec (to avoid deduplication).
> and the last thing i can think of, does the uuid of the device matter in decryption?
No, but you have to calculate correct checksum of the binary and JSON area.
Milan
^ permalink raw reply [flat|nested] 2+ messages in thread
end of thread, other threads:[~2025-06-25 14:16 UTC | newest]
Thread overview: 2+ messages (download: mbox.gz follow: Atom feed
-- links below jump to the message on this page --
2025-06-25 14:05 label written on top of the header Dominik Rak
2025-06-25 14:16 ` Milan Broz
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox