DM-Crypt Archive on lore.kernel.org
 help / color / mirror / Atom feed
From: Arno Wagner <arno@wagner.name>
To: dm-crypt@saout.de
Subject: Re: [dm-crypt] please HELP - can't acces encrypted LVM after linux reinstallation.
Date: Fri, 28 Oct 2011 18:24:28 +0200	[thread overview]
Message-ID: <20111028162428.GA26437@tansi.org> (raw)
In-Reply-To: <CAP8O3oN0vb+gpgRPMS06q0qrih9ouPJBgSguotS6LxYxip1=ew@mail.gmail.com>

As LUKS is specifically designed with anti-forensic features,
a "trace" would not help at all. In fact changing a few bits 
in the keyslots in random locations is quite enough to 
make the data inacessible permanently. As others have said,
without header backup there is no way.

Side note: Encryption does not remove the need for backup.
In fact, the FAQ discusses several encrypted backup options.

Arno


On Sat, Oct 29, 2011 at 05:05:59AM +1300, Aleksander Swirski wrote:
> thank you for your replies. if someone knows, if it's possible to find some
> trace of old header under the new one ... please let me know. if it's
> definitely not possible ... please let me know. the crypt partition wasn't
> moved or resized, also the home logical volume, which I lost was
> 'continuous' and wasn't moved or resized.
> 
> On 29 October 2011 05:03, Arno Wagner <arno@wagner.name> wrote:
> 
> > On Fri, Oct 28, 2011 at 05:53:48PM +0200, Marc Ballarin wrote:
> > > Am Samstag, den 29.10.2011, 04:23 +1300 schrieb Aleksander Swirski:
> > > ...
> > > > I now realize what might have happened. As I explained I set up same
> > > > passphrase again on this crypt disk when installing new system. But I
> > > > suspect, encryption key underneath could be changed and LVM is now
> > > > scrambled?
> > >
> > > Yes, if you used LUKS this is exactly what happened. cryptsetup created
> > > a new, random master key and wrote it over your old master key.
> >
> > I wonder whether I should as a warning about this at the beginning
> > of the FAQ.
> >
> > Arno
> > --
> > Arno Wagner, Dr. sc. techn., Dipl. Inform., CISSP -- Email:
> > arno@wagner.name
> > GnuPG:  ID: 1E25338F  FP: 0C30 5782 9D93 F785 E79C  0296 797F 6B50 1E25
> > 338F
> > ----
> > Cuddly UI's are the manifestation of wishful thinking. -- Dylan Evans
> >
> > If it's in the news, don't worry about it.  The very definition of
> > "news" is "something that hardly ever happens." -- Bruce Schneier
> > _______________________________________________
> > dm-crypt mailing list
> > dm-crypt@saout.de
> > http://www.saout.de/mailman/listinfo/dm-crypt
> >

> _______________________________________________
> dm-crypt mailing list
> dm-crypt@saout.de
> http://www.saout.de/mailman/listinfo/dm-crypt


-- 
Arno Wagner, Dr. sc. techn., Dipl. Inform., CISSP -- Email: arno@wagner.name 
GnuPG:  ID: 1E25338F  FP: 0C30 5782 9D93 F785 E79C  0296 797F 6B50 1E25 338F
----
Cuddly UI's are the manifestation of wishful thinking. -- Dylan Evans

If it's in the news, don't worry about it.  The very definition of 
"news" is "something that hardly ever happens." -- Bruce Schneier 

  reply	other threads:[~2011-10-28 16:24 UTC|newest]

Thread overview: 30+ messages / expand[flat|nested]  mbox.gz  Atom feed  top
2011-10-28 15:23 [dm-crypt] please HELP - can't acces encrypted LVM after linux reinstallation Aleksander Swirski
2011-10-28 15:37 ` Rick Moritz
2011-10-28 15:48   ` Aleksander Swirski
2011-10-28 15:53 ` Marc Ballarin
2011-10-28 16:03   ` Arno Wagner
2011-10-28 16:05     ` Aleksander Swirski
2011-10-28 16:24       ` Arno Wagner [this message]
2011-10-28 16:38         ` Aleksander Swirski
2011-10-28 17:20           ` Heinz Diehl
2011-10-28 18:14             ` Aleksander Swirski
2011-10-29  7:43               ` Arno Wagner
2011-10-30 16:08                 ` Aleksander Swirski
2011-10-30 17:32                   ` Arno Wagner
2011-10-30 18:56                     ` Aleksander Swirski
2011-10-30 22:25                       ` Jonas Meurer
2011-10-31  0:30                         ` Aleksander Swirski
2011-10-31  3:30                           ` ingo.schmitt
2011-10-31  7:18                             ` Arno Wagner
2011-10-31 22:17                               ` Jonas Meurer
2011-10-31 22:34                                 ` Claudio Moretti
2011-10-31 22:48                                   ` Jonas Meurer
2011-10-31 23:46                                     ` Claudio Moretti
2011-11-01  5:02                                       ` Arno Wagner
2011-11-01  4:45                                     ` Arno Wagner
2011-11-01  4:36                                 ` Arno Wagner
2011-10-31  8:47                           ` Quentin Lefebvre
2011-10-31 22:56                             ` Jonas Meurer
2011-10-31 22:40                           ` Jonas Meurer
2011-10-29  8:15               ` Yves-Alexis Perez
2011-10-30 19:03                 ` Aleksander Swirski

Reply instructions:

You may reply publicly to this message via plain-text email
using any one of the following methods:

* Save the following mbox file, import it into your mail client,
  and reply-to-all from there: mbox

  Avoid top-posting and favor interleaved quoting:
  https://en.wikipedia.org/wiki/Posting_style#Interleaved_style

* Reply using the --to, --cc, and --in-reply-to
  switches of git-send-email(1):

  git send-email \
    --in-reply-to=20111028162428.GA26437@tansi.org \
    --to=arno@wagner.name \
    --cc=dm-crypt@saout.de \
    /path/to/YOUR_REPLY

  https://kernel.org/pub/software/scm/git/docs/git-send-email.html

* If your mail client supports setting the In-Reply-To header
  via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line before the message body. 
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox