From: Arno Wagner <arno@wagner.name>
To: dm-crypt@saout.de
Subject: Re: [dm-crypt] what touches the LUKS header?
Date: Tue, 10 Aug 2010 01:35:10 +0200
Message-ID: <20100809233510.GA28803@tansi.org>
In-Reply-To: <20100809230403.GA24747@limpoc.com>
On Mon, Aug 09, 2010 at 04:04:04PM -0700, epvdm@limpoc.com wrote:
> On Sun, Aug 08, 2010 at 05:57:26AM +0200, Arno Wagner wrote:
> > > Oh, certainly. I spent a long time on this before even looking into other
> > > possibilities. I put the disks on another machine to test, and tried with
> > > the passphrase in a keyfile, loaded with --key-file, with and without
> > > trailing cr/lf, as well as typing the passphrase in the clear and cut-n-pasting
> > > it into the cryptsetup prompt.
> >
> > Ok. Have you tried one of your backups for comparison as well?
> > They should work. Just for completeness...
> >
> > Incidentally, your backups should contain a good header + key-slots,
> > so copying them over should repair any possible damage. See
> > FAQ item on making header backups. But don't do that yet, compare
> > the first 1MiB+4096B of a backup and a live disk first. Any header
> > or key-slot corruption should show up as difference. If there is no
> > difference, then you have some other problem.
>
> The "real" backups are taken from the mounted filesystem, so they don't
> contain the LUKS key material. The mirror-copies I have were all made over
> a short period of time and display the same problem, suggesting that the
> damage happened some time before that and wasn't noticed until the reboot.
I see. A pity.
[...]
> > No, this is a good idea. But do the comparison with the header and
> > key-slots on a working backup disk first. See FAQ item
> > "What does the on-disk structure of LUKS look like?"
> > for exact length and position of the key-slots. A key-slot consists
> > of tightly packed (no spacer or unused space) anti-forensic stripes
> > and looks like encrypted data, i.e. "random". If you want to get a
> > feel for it, FAQ item "How do I use LUKS with a loop-device?" gives
> > instructions how to do LUKS on a file via the loop-device.
>
> This is interesting. Looking through the first 1MiB+4096B I see quite a
> lot of material that is obviously not key material - i.e., text, perl
> snippets, and other stuff one would ordinarily see lying around a linux
> system disk. Now, there was only ever a single LUKS keyslot in use, so if
> the space dedicated to the rest of them does not get initialized, it
> could be that I am just seeing what was on the disk before LUKS was
> initialized. However, it could also be bits of other areas of the disk, or
> buffer cache, that got written to the keyslot areas.
The space does not get initialized. So for you the first 128kiB would
be the relevant area.
> > > thanks very much for your help, btw.
> >
> > You are welcome.
> >
> > Sorry for pointing to the FAQ so often, it really gives you most
> > of the info you need. Current copy posted on this list today or
> > on the web at
> >
> > http://code.google.com/p/cryptsetup/wiki/FrequentlyAskedQuestions
> >
>
> The FAQ is very helpful; sorry I missed a few parts such as the
> size of the key area. :)
It has gotten a bit long, admittedly.
Arno
--
Arno Wagner, Dr. sc. techn., Dipl. Inform., CISSP -- Email: arno@wagner.name
GnuPG: ID: 1E25338F FP: 0C30 5782 9D93 F785 E79C 0296 797F 6B50 1E25 338F
----
Cuddly UI's are the manifestation of wishful thinking. -- Dylan Evans
If it's in the news, don't worry about it. The very definition of
"news" is "something that hardly ever happens." -- Bruce Schneier
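The comparison Arno suggests above (the first 1MiB+4096B of a backup against the live disk, looking only at the phdr and the key-slots that were actually written, since unused slot space is never initialized) as an added example that is not part of this thread: a small parser for the LUKS1 on-disk layout plus a region diff. `make_sample_image` builds a constructed stand-in image with pseudo-random bytes, not real key material, and assumes Python 3.9+ for `random.randbytes`.

```python
import random, struct

# LUKS1 on-disk layout: 592-byte phdr, 8 key-slot descriptors (48 bytes each) at offset 208,
# key material after the phdr; all integers big-endian, offsets in 512-byte sectors.
LUKS_MAGIC = b"LUKS\xba\xbe"
SLOT_ACTIVE, SLOT_DISABLED, SECTOR = 0x00AC71F3, 0x0000DEAD, 512
PHDR_FMT = ">6sH32s32s32sII20s32sI40s"   # fields up to and including the uuid (208 bytes)
SLOT_FMT = ">II32sII"                    # active, iterations, salt, key-material offset, stripes

def parse_luks1_header(buf):
    """Decode the phdr and key-slot table; raise if this is not a LUKS1 header."""
    magic, ver, cipher, mode, hsh, payload_off, key_bytes, _d, _s, _it, uuid = struct.unpack_from(PHDR_FMT, buf, 0)
    if magic != LUKS_MAGIC or ver != 1:
        raise ValueError("not a LUKS1 header")
    slots = []
    for i in range(8):
        active, iters, salt, km_off, stripes = struct.unpack_from(SLOT_FMT, buf, 208 + 48 * i)
        # key material = AFsplit output of key_bytes * stripes bytes, rounded up to whole sectors
        km_len = -(-key_bytes * stripes // SECTOR) * SECTOR
        slots.append({"active": active == SLOT_ACTIVE, "offset": km_off * SECTOR, "length": km_len})
    return {"cipher": cipher.rstrip(b"\0").decode(), "mode": mode.rstrip(b"\0").decode(),
            "payload_offset": payload_off * SECTOR, "key_bytes": key_bytes, "slots": slots}

def regions(hdr):
    """Byte ranges worth comparing: the phdr and each active slot's key material (inactive
    slots are skipped because their space is never written and holds whatever was there)."""
    out = [("phdr", 0, 592)]
    for i, s in enumerate(hdr["slots"]):
        if s["active"]:
            out.append((f"keyslot{i}", s["offset"], s["offset"] + s["length"]))
    return out

def compare_images(backup, live):
    """Names of regions whose bytes differ between a backup header copy and the live disk."""
    return [n for n, a, b in regions(parse_luks1_header(backup)) if backup[a:b] != live[a:b]]

def make_sample_image(active_slots=(0,), seed=1):
    """Constructed stand-in for the first 1MiB+4096B of a LUKS1 device (256-bit key, 4000 stripes)."""
    rnd = random.Random(seed)
    key_bytes, stripes = 32, 4000
    img = bytearray(1048576 + 4096)             # payload starts at sector 2056 = 1MiB + 4096B
    struct.pack_into(PHDR_FMT, img, 0, LUKS_MAGIC, 1, b"aes", b"cbc-essiv:sha256", b"sha1",
                     2056, key_bytes, rnd.randbytes(20), rnd.randbytes(32), 10, b"constructed-uuid")
    for i in range(8):
        km_off = 8 + i * 256                    # slot i's material begins at sector 8 + 256*i
        active = SLOT_ACTIVE if i in active_slots else SLOT_DISABLED
        struct.pack_into(SLOT_FMT, img, 208 + 48 * i, active, 1000, rnd.randbytes(32), km_off, stripes)
        if i in active_slots:                   # only written slots get random-looking stripe data
            img[km_off * SECTOR:km_off * SECTOR + key_bytes * stripes] = rnd.randbytes(key_bytes * stripes)
    return bytes(img)
```

On a real device the two inputs would be the first 1052672 bytes read from the backup and live disks; a reported `keyslotN` difference with an identical `phdr` points at damaged key material rather than a wrong passphrase.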