From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: from mail.saout.de ([127.0.0.1]) by localhost (mail.saout.de [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id a7vuji0ukdMQ for ; Thu, 28 Jul 2011 09:14:06 +0200 (CEST) Received: from mx1.redhat.com (mx1.redhat.com [209.132.183.28]) by mail.saout.de (Postfix) with ESMTP for ; Thu, 28 Jul 2011 09:14:04 +0200 (CEST) Received: from int-mx10.intmail.prod.int.phx2.redhat.com (int-mx10.intmail.prod.int.phx2.redhat.com [10.5.11.23]) by mx1.redhat.com (8.14.4/8.14.4) with ESMTP id p6S7E3ZQ006746 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=OK) for ; Thu, 28 Jul 2011 03:14:03 -0400 Received: from [10.36.6.248] (vpn1-6-248.ams2.redhat.com [10.36.6.248]) by int-mx10.intmail.prod.int.phx2.redhat.com (8.14.4/8.14.4) with ESMTP id p6S7E2I9017647 for ; Thu, 28 Jul 2011 03:14:03 -0400 Message-ID: <4E310C39.7090200@redhat.com> Date: Thu, 28 Jul 2011 09:14:01 +0200 From: Milan Broz MIME-Version: 1.0 References: <6A594D5B-7048-4A81-AA1A-E2F5C895E9F4@gmail.com> <20110728050428.GA5441@tansi.org> In-Reply-To: <20110728050428.GA5441@tansi.org> Content-Type: text/plain; charset=ISO-8859-1 Content-Transfer-Encoding: 7bit Subject: Re: [dm-crypt] Extract master key from running system List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , To: dm-crypt@saout.de On 07/28/2011 07:04 AM, Arno Wagner wrote: > I have to admit that there is no info in the FAQ because when I wrote > that I did not have time to find out. In the mean time I have had > an opportunity to do so, so I should probably update the FAQ. First, > I think trying to dump will not create additional damage. Here is what > works on my machine: > > cryptsetup luksDump --dump-master-key For luksDump you need valid LUKS header. btw I added script which tries to extract master key automatically fro active device and prepares cryptsetup parameters. http://code.google.com/p/cryptsetup/source/browse/trunk/misc/luks-header-from-active The steps there are quite straightforward. Milan