From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: from localhost (localhost [127.0.0.1]) by mail.saout.de (Postfix) with ESMTP id 134F08FCF for ; Fri, 31 Jul 2009 14:48:18 +0200 (CEST) Received: from mail.saout.de ([127.0.0.1]) by localhost (mail.saout.de [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id Akhn-GBhYusk for ; Fri, 31 Jul 2009 14:48:13 +0200 (CEST) Received: from mail.limuru.com (mail.limuru.com [66.18.200.72]) by mail.saout.de (Postfix) with ESMTP for ; Fri, 31 Jul 2009 14:48:13 +0200 (CEST) Message-ID: <4A72E803.5020802@limuru.com> Date: Fri, 31 Jul 2009 06:48:03 -0600 From: Anthony Mutiso MIME-Version: 1.0 References: <200907311112.38952.schindler@schintech.net> In-Reply-To: <200907311112.38952.schindler@schintech.net> Content-Type: multipart/alternative; boundary="------------010602030604000906090804" Subject: Re: [dm-crypt] Questions about LUKS on RAID5 List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , To: Wolfgang Schindler Cc: dm-crypt@saout.de This is a multi-part message in MIME format. --------------010602030604000906090804 Content-Type: text/plain; charset=UTF-8; format=flowed Content-Transfer-Encoding: 7bit I am no LUKS expert so are not able to respond to the LUKS question, but man mdadm does say that you can, but should not, set a specific UUID with --uuid on create. By the way, does the fs pass an fsck? Wolfgang Schindler wrote: > Hello out there, sunny greetings from good old germany, > > > Don't know if i'm in the right place here. I need some help as it's a > black doomed day, today, things went wrong as they sometimes do....... > For a real long time i had two running RAID5's with LUKS encrypted > data on them. I had to change the system, so i setup a new machine, > with two new raid5's also encrypted with LUKS, of course with some > more data space. I sent the data over network. Anything worked fine > for some days. > Now my system disk crashed. So i took another system disk from another > raid system and started up. One of the data raids was found > immediately and i could luksOpen it with my passphrase, the other one > could not be assembled. > I tried some assembles with --force and --scan. Did not work. > Now I had a real bad idea, late at night and lot's of other things to > do asides. I zeroed the superblocks of the devices belonging to the > raid that could not be assembled. > I rebuilt the raid with the same parameters as before and it was > rebuilt. The raid was then found immediately. > No problems until there, but when i was trying to luksOpen the raid, > my passphrase did not work. > So i checked the sourcecode of cryptsetup-1.0.7 and saw that in > function LUKS_generate_phdr the UUID of the underlying Raid or Device > is used in some way. > But, by recreating the RAID, the UUID of the RAID has changed. So far > so bad. > > > Question 1: > is this UUID used in any way for decryption? > Question 2: > Would it be a reasonable and walkable way to set back the UUID to the > older one (thanks God or whomever, it was noticed in the old > mdadm.conf) to get the decryption running again? > Question 3: > Do you know how to set back the UUID? > > > Thanks for answering, otherwise my good datastuff was gone?? and i had > a real bad day. > > > Cheers > -- > Wolfgang Schindler > > > ------------------------------------------------------------------------ > > _______________________________________________ > dm-crypt mailing list > dm-crypt@saout.de > http://www.saout.de/mailman/listinfo/dm-crypt > --------------010602030604000906090804 Content-Type: text/html; charset=UTF-8 Content-Transfer-Encoding: 7bit I am no LUKS expert so are not able to respond to the LUKS question, but man mdadm does say that you can, but should not, set a specific UUID with --uuid on create.

By the way, does the fs pass an fsck?

Wolfgang Schindler wrote:
Hello out there, sunny greetings from good old germany,


Don't know if i'm in the right place here. I need some help as it's a black doomed day, today, things went wrong as they sometimes do.......
For a real long time i had two running RAID5's with LUKS encrypted data on them. I had to change the system, so i setup a new machine, with two new raid5's also encrypted with LUKS, of course with some more data space. I sent the data over network. Anything worked fine for some days.
Now my system disk crashed. So i took another system disk from another raid system and started up. One of the data raids was found immediately and i could luksOpen it with my passphrase, the other one could not be assembled.
I tried some assembles with --force and --scan. Did not work.
Now I had a real bad idea, late at night and lot's of other things to do asides. I zeroed the superblocks of the devices belonging to the raid that could not be assembled.
I rebuilt the raid with the same parameters as before and it was rebuilt. The raid was then found immediately.
No problems until there, but when i was trying to luksOpen the raid, my passphrase did not work.
So i checked the sourcecode of cryptsetup-1.0.7 and saw that in function LUKS_generate_phdr the UUID of the underlying Raid or Device is used in some way.
But, by recreating the RAID, the UUID of the RAID has changed. So far so bad.


Question 1:
is this UUID used in any way for decryption?
Question 2:
Would it be a reasonable and walkable way to set back the UUID to the older one (thanks God or whomever, it was noticed in the old mdadm.conf) to get the decryption running again?
Question 3:
Do you know how to set back the UUID?


Thanks for answering, otherwise my good datastuff was gone?? and i had a real bad day.


Cheers
--
Wolfgang Schindler



_______________________________________________
dm-crypt mailing list
dm-crypt@saout.de
http://www.saout.de/mailman/listinfo/dm-crypt
--------------010602030604000906090804--