[dm-crypt] please HELP - can't acces encrypted LVM after linux reinstallation.

[dm-crypt] please HELP - can't acces encrypted LVM after linux reinstallation.

[Aleksander Swirski]

[-- Attachment #1: Type: text/plain, Size: 3124 bytes --]

Dear friends,
please forgive me my ignorance , if anything is unclear, I will explain
further and will post any info needed.
for quite some time (3 yrs) I had LVM with all partitions of my debian
(root, usr, home, swap) except boot set up inside LUKS encrypted disk. With
time I moved from debian stable to testing (by virtue of dist-upgrade). At
some point I got little but annoying problems with my system - automount
wouldn't work, burner wouldn't burn DVDs, and also system-tools started
failing giving "unrecognized error" on authorization attempt. Because my
recent backups unfortunately already got some issues which I didn't discover
early I would have to travel back in time quite far to get my system stable
again. Instead I decided to set it up anew.

Just didn't want to damage data on my /home partition (within encrypted
LVM), the rest was to be wiped out. I managed to do this feat once in the
past, and got the feeling I know how it goes. But this time I made it the
wrong way obviously. Everything seemed to be fine. When the installer was
running before starting the manual partitioning I executed shell to do
cryptsetup luksOpen and vgchange -ay on my encrypted lvm, so that the
partitions inside were visible to the installer and ready for new system.
This worked. I mounted /home from within this LVM, as a mental marker not to
overwrite it.

In partitioner I marked /usr and / and swap from within LVM to be formated &
filled with new system data. I didn't of course run erasure with random
data. I only marked /home partition to be used as /home but checked it to
keep the data and to leave ext3 intact. Then comes the mistake. I marked the
encrypted drive, to be used, well as encrypted drive under new system.
Installer asked me to provide the pass-phrase (2 times to verify) and I gave
same pass-phrase as was set on this device before. There was no warning :(
the installation went fine. Just before first restart on installation
completion, I executed shell again to check that /home and data was there
and in fact everything was in it's place. I was happy, but then I restarted
the system and ... It couldn't find LVM and wouldn't start. I ran knoppix to
check what has happened. I could open encrypted device giving the usual
passpharse, but LVM inside was gone. instead of /dev/mapper/olek-root
/dev/mapper/olek-usr /dev/mapper/olek-home /dev/mapper/olek-swap inside
/dev/mapper dir I got only /dev/mapper/olek and /dev/mapper/control.
vgchange -ay olek returned : volume group olek not found

I now realize what might have happened. As I explained I set up same
passphrase again on this crypt disk when installing new system. But I
suspect, encryption key underneath could be changed and LVM is now
scrambled? I didn't back up many important files, because my other drive
failed not long time ago and didn't get new one yet due to cash shortage. Is
there any hope? PLEASE if anybody can help me. Is it possible to regain
acces to this LVM? I know it is there, it wasn't overwritten and I can do
luksOpen, but I can't see it inside and only now I understand how much I
need this data back ...

[-- Attachment #2: Type: text/html, Size: 3221 bytes --]

Re: [dm-crypt] please HELP - can't acces encrypted LVM after linux reinstallation.

[Rick Moritz]

Hello,
you are quite right here:

> I now realize what might have happened. As I explained I set up same
> passphrase again on this crypt disk when installing new system. But I
> suspect, encryption key underneath could be changed and LVM is now
> scrambled?

This is sadly a common problem with some installers, that has been
brought up once or twice before on this list.

Unless you have a backup of the LUKS-header your data is
"cryptographically hard" (read: impossible) to recover (also read the
dm-crypt FAQ regarding this kind of problem).
If you do have a header backup, you should be able to replace the
current header and except for some minor damage you might be able to
gain access; this depends largely on how well LVM deals with the
damage dealt by the new LVM created by the installer.
If you decide to attempt rescue, make sure to do all operations on a
backup copy, or your chances at recovery will be even slimmer.

Re: [dm-crypt] please HELP - can't acces encrypted LVM after linux reinstallation.

[Aleksander Swirski]

[-- Attachment #1: Type: text/plain, Size: 1532 bytes --]

I used encryption, because it was there in the debian installer, but didn't
realize all the details (and dangers) behind it. Till yesterday I didn't
know about header backups, so I don't have one. The thing is I can access
the crypt partition. Is it maybe possible, to find shadow of former header,
as it is possible to find shadow of old partition and its files, after a new
one is created in its place? Except password re-set (to same passphrase) all
the rest was intact just before restart.

On 29 October 2011 04:37, Rick Moritz <rahvin@gmail.com> wrote:

> Hello,
> you are quite right here:
>
> > I now realize what might have happened. As I explained I set up same
> > passphrase again on this crypt disk when installing new system. But I
> > suspect, encryption key underneath could be changed and LVM is now
> > scrambled?
>
> This is sadly a common problem with some installers, that has been
> brought up once or twice before on this list.
>
> Unless you have a backup of the LUKS-header your data is
> "cryptographically hard" (read: impossible) to recover (also read the
> dm-crypt FAQ regarding this kind of problem).
> If you do have a header backup, you should be able to replace the
> current header and except for some minor damage you might be able to
> gain access; this depends largely on how well LVM deals with the
> damage dealt by the new LVM created by the installer.
> If you decide to attempt rescue, make sure to do all operations on a
> backup copy, or your chances at recovery will be even slimmer.
>

[-- Attachment #2: Type: text/html, Size: 1907 bytes --]

Re: [dm-crypt] please HELP - can't acces encrypted LVM after linux reinstallation.

[Marc Ballarin]

Am Samstag, den 29.10.2011, 04:23 +1300 schrieb Aleksander Swirski:
... 
> I now realize what might have happened. As I explained I set up same
> passphrase again on this crypt disk when installing new system. But I
> suspect, encryption key underneath could be changed and LVM is now
> scrambled?

Yes, if you used LUKS this is exactly what happened. cryptsetup created
a new, random master key and wrote it over your old master key.

Keeping data by using the same password to create a new mapping only
works for plain cryptsetup without any header. With LUKS (and similar
schemes like Truecrypt) passwords are completely unrelated to the master
key which is used for actual data encryption.

> I didn't back up many important files, because my other drive
> failed not long time ago and didn't get new one yet due to cash shortage. Is
> there any hope? PLEASE if anybody can help me. Is it possible to regain
> acces to this LVM?

Unless you have a backup of your old header there really isn't anything
you can do.

Your password unlocks the master key which in turn unlocks the data. But
you have overwritten your old master key :-(

I hope you will find a header backup or someone else has an idea where
the old master key might still be found...

Regards,
Marc

Re: [dm-crypt] please HELP - can't acces encrypted LVM after linux reinstallation.

[Arno Wagner]

On Fri, Oct 28, 2011 at 05:53:48PM +0200, Marc Ballarin wrote:
> Am Samstag, den 29.10.2011, 04:23 +1300 schrieb Aleksander Swirski:
> ... 
> > I now realize what might have happened. As I explained I set up same
> > passphrase again on this crypt disk when installing new system. But I
> > suspect, encryption key underneath could be changed and LVM is now
> > scrambled?
> 
> Yes, if you used LUKS this is exactly what happened. cryptsetup created
> a new, random master key and wrote it over your old master key.

I wonder whether I should as a warning about this at the beginning 
of the FAQ. 

Arno
-- 
Arno Wagner, Dr. sc. techn., Dipl. Inform., CISSP -- Email: arno@wagner.name 
GnuPG:  ID: 1E25338F  FP: 0C30 5782 9D93 F785 E79C  0296 797F 6B50 1E25 338F
----
Cuddly UI's are the manifestation of wishful thinking. -- Dylan Evans

If it's in the news, don't worry about it.  The very definition of 
"news" is "something that hardly ever happens." -- Bruce Schneier 

Re: [dm-crypt] please HELP - can't acces encrypted LVM after linux reinstallation.

[Aleksander Swirski]

[-- Attachment #1: Type: text/plain, Size: 1551 bytes --]

thank you for your replies. if someone knows, if it's possible to find some
trace of old header under the new one ... please let me know. if it's
definitely not possible ... please let me know. the crypt partition wasn't
moved or resized, also the home logical volume, which I lost was
'continuous' and wasn't moved or resized.

On 29 October 2011 05:03, Arno Wagner <arno@wagner.name> wrote:

> On Fri, Oct 28, 2011 at 05:53:48PM +0200, Marc Ballarin wrote:
> > Am Samstag, den 29.10.2011, 04:23 +1300 schrieb Aleksander Swirski:
> > ...
> > > I now realize what might have happened. As I explained I set up same
> > > passphrase again on this crypt disk when installing new system. But I
> > > suspect, encryption key underneath could be changed and LVM is now
> > > scrambled?
> >
> > Yes, if you used LUKS this is exactly what happened. cryptsetup created
> > a new, random master key and wrote it over your old master key.
>
> I wonder whether I should as a warning about this at the beginning
> of the FAQ.
>
> Arno
> --
> Arno Wagner, Dr. sc. techn., Dipl. Inform., CISSP -- Email:
> arno@wagner.name
> GnuPG:  ID: 1E25338F  FP: 0C30 5782 9D93 F785 E79C  0296 797F 6B50 1E25
> 338F
> ----
> Cuddly UI's are the manifestation of wishful thinking. -- Dylan Evans
>
> If it's in the news, don't worry about it.  The very definition of
> "news" is "something that hardly ever happens." -- Bruce Schneier
> _______________________________________________
> dm-crypt mailing list
> dm-crypt@saout.de
> http://www.saout.de/mailman/listinfo/dm-crypt
>

[-- Attachment #2: Type: text/html, Size: 2187 bytes --]

Re: [dm-crypt] please HELP - can't acces encrypted LVM after linux reinstallation.

[Arno Wagner]

As LUKS is specifically designed with anti-forensic features,
a "trace" would not help at all. In fact changing a few bits 
in the keyslots in random locations is quite enough to 
make the data inacessible permanently. As others have said,
without header backup there is no way.

Side note: Encryption does not remove the need for backup.
In fact, the FAQ discusses several encrypted backup options.

Arno


On Sat, Oct 29, 2011 at 05:05:59AM +1300, Aleksander Swirski wrote:
> thank you for your replies. if someone knows, if it's possible to find some
> trace of old header under the new one ... please let me know. if it's
> definitely not possible ... please let me know. the crypt partition wasn't
> moved or resized, also the home logical volume, which I lost was
> 'continuous' and wasn't moved or resized.
> 
> On 29 October 2011 05:03, Arno Wagner <arno@wagner.name> wrote:
> 
> > On Fri, Oct 28, 2011 at 05:53:48PM +0200, Marc Ballarin wrote:
> > > Am Samstag, den 29.10.2011, 04:23 +1300 schrieb Aleksander Swirski:
> > > ...
> > > > I now realize what might have happened. As I explained I set up same
> > > > passphrase again on this crypt disk when installing new system. But I
> > > > suspect, encryption key underneath could be changed and LVM is now
> > > > scrambled?
> > >
> > > Yes, if you used LUKS this is exactly what happened. cryptsetup created
> > > a new, random master key and wrote it over your old master key.
> >
> > I wonder whether I should as a warning about this at the beginning
> > of the FAQ.
> >
> > Arno
> > --
> > Arno Wagner, Dr. sc. techn., Dipl. Inform., CISSP -- Email:
> > arno@wagner.name
> > GnuPG:  ID: 1E25338F  FP: 0C30 5782 9D93 F785 E79C  0296 797F 6B50 1E25
> > 338F
> > ----
> > Cuddly UI's are the manifestation of wishful thinking. -- Dylan Evans
> >
> > If it's in the news, don't worry about it.  The very definition of
> > "news" is "something that hardly ever happens." -- Bruce Schneier
> > _______________________________________________
> > dm-crypt mailing list
> > dm-crypt@saout.de
> > http://www.saout.de/mailman/listinfo/dm-crypt
> >

> _______________________________________________
> dm-crypt mailing list
> dm-crypt@saout.de
> http://www.saout.de/mailman/listinfo/dm-crypt


-- 
Arno Wagner, Dr. sc. techn., Dipl. Inform., CISSP -- Email: arno@wagner.name 
GnuPG:  ID: 1E25338F  FP: 0C30 5782 9D93 F785 E79C  0296 797F 6B50 1E25 338F
----
Cuddly UI's are the manifestation of wishful thinking. -- Dylan Evans

If it's in the news, don't worry about it.  The very definition of 
"news" is "something that hardly ever happens." -- Bruce Schneier 

Re: [dm-crypt] please HELP - can't acces encrypted LVM after linux reinstallation.

[Aleksander Swirski]

[-- Attachment #1: Type: text/plain, Size: 3029 bytes --]

thank you. i made big mistake. at least I have plenty of space now ...

On 29 October 2011 05:24, Arno Wagner <arno@wagner.name> wrote:

> As LUKS is specifically designed with anti-forensic features,
> a "trace" would not help at all. In fact changing a few bits
> in the keyslots in random locations is quite enough to
> make the data inacessible permanently. As others have said,
> without header backup there is no way.
>
> Side note: Encryption does not remove the need for backup.
> In fact, the FAQ discusses several encrypted backup options.
>
> Arno
>
>
> On Sat, Oct 29, 2011 at 05:05:59AM +1300, Aleksander Swirski wrote:
> > thank you for your replies. if someone knows, if it's possible to find
> some
> > trace of old header under the new one ... please let me know. if it's
> > definitely not possible ... please let me know. the crypt partition
> wasn't
> > moved or resized, also the home logical volume, which I lost was
> > 'continuous' and wasn't moved or resized.
> >
> > On 29 October 2011 05:03, Arno Wagner <arno@wagner.name> wrote:
> >
> > > On Fri, Oct 28, 2011 at 05:53:48PM +0200, Marc Ballarin wrote:
> > > > Am Samstag, den 29.10.2011, 04:23 +1300 schrieb Aleksander Swirski:
> > > > ...
> > > > > I now realize what might have happened. As I explained I set up
> same
> > > > > passphrase again on this crypt disk when installing new system. But
> I
> > > > > suspect, encryption key underneath could be changed and LVM is now
> > > > > scrambled?
> > > >
> > > > Yes, if you used LUKS this is exactly what happened. cryptsetup
> created
> > > > a new, random master key and wrote it over your old master key.
> > >
> > > I wonder whether I should as a warning about this at the beginning
> > > of the FAQ.
> > >
> > > Arno
> > > --
> > > Arno Wagner, Dr. sc. techn., Dipl. Inform., CISSP -- Email:
> > > arno@wagner.name
> > > GnuPG:  ID: 1E25338F  FP: 0C30 5782 9D93 F785 E79C  0296 797F 6B50 1E25
> > > 338F
> > > ----
> > > Cuddly UI's are the manifestation of wishful thinking. -- Dylan Evans
> > >
> > > If it's in the news, don't worry about it.  The very definition of
> > > "news" is "something that hardly ever happens." -- Bruce Schneier
> > > _______________________________________________
> > > dm-crypt mailing list
> > > dm-crypt@saout.de
> > > http://www.saout.de/mailman/listinfo/dm-crypt
> > >
>
> > _______________________________________________
> > dm-crypt mailing list
> > dm-crypt@saout.de
> > http://www.saout.de/mailman/listinfo/dm-crypt
>
>
> --
> Arno Wagner, Dr. sc. techn., Dipl. Inform., CISSP -- Email:
> arno@wagner.name
> GnuPG:  ID: 1E25338F  FP: 0C30 5782 9D93 F785 E79C  0296 797F 6B50 1E25
> 338F
> ----
> Cuddly UI's are the manifestation of wishful thinking. -- Dylan Evans
>
> If it's in the news, don't worry about it.  The very definition of
> "news" is "something that hardly ever happens." -- Bruce Schneier
> _______________________________________________
> dm-crypt mailing list
> dm-crypt@saout.de
> http://www.saout.de/mailman/listinfo/dm-crypt
>

[-- Attachment #2: Type: text/html, Size: 4378 bytes --]

Re: [dm-crypt] please HELP - can't acces encrypted LVM after linux reinstallation.

[Heinz Diehl]

On 28.10.2011, Aleksander Swirski wrote: 

>  i made big mistake. at least I have plenty of space now ...

Maybe, maybe not. I would strongly suggest that you make a low level
backup of your whole disk. Maybe there is something you didn't think
about right now, which suddenly comes up after a few days or weeks...

Re: [dm-crypt] please HELP - can't acces encrypted LVM after linux reinstallation.

[Aleksander Swirski]

[-- Attachment #1: Type: text/plain, Size: 949 bytes --]

it's my largest drive, but I will put this one aside and use another
computer. i was tired, when i did that, didn't have clear mind. now I have
no idea, how possibly could I fix this, but it all happened because of some
mental pressure I felt. so I guess, now it's time to chill out. anyway, i
feel bit better because You People :) cared enough to inform me and tried to
help me. it's greatly appreciated.

On 29 October 2011 06:20, Heinz Diehl <htd@fancy-poultry.org> wrote:

> On 28.10.2011, Aleksander Swirski wrote:
>
> >  i made big mistake. at least I have plenty of space now ...
>
> Maybe, maybe not. I would strongly suggest that you make a low level
> backup of your whole disk. Maybe there is something you didn't think
> about right now, which suddenly comes up after a few days or weeks...
>
> _______________________________________________
> dm-crypt mailing list
> dm-crypt@saout.de
> http://www.saout.de/mailman/listinfo/dm-crypt
>

[-- Attachment #2: Type: text/html, Size: 1453 bytes --]

Re: [dm-crypt] please HELP - can't acces encrypted LVM after linux reinstallation.

[Arno Wagner]

You are welcome. And you learned something valuable, I doubt this
will ever happen to you again. In fact I learned to be careful
with a similar experience (no crypto involved though). I think
you will find that most people have learned to be careful with 
data in some similar way. So don't feel to bad about it.

Arno

On Sat, Oct 29, 2011 at 07:14:27AM +1300, Aleksander Swirski wrote:
> it's my largest drive, but I will put this one aside and use another
> computer. i was tired, when i did that, didn't have clear mind. now I have
> no idea, how possibly could I fix this, but it all happened because of some
> mental pressure I felt. so I guess, now it's time to chill out. anyway, i
> feel bit better because You People :) cared enough to inform me and tried to
> help me. it's greatly appreciated.
> 
> On 29 October 2011 06:20, Heinz Diehl <htd@fancy-poultry.org> wrote:
> 
> > On 28.10.2011, Aleksander Swirski wrote:
> >
> > >  i made big mistake. at least I have plenty of space now ...
> >
> > Maybe, maybe not. I would strongly suggest that you make a low level
> > backup of your whole disk. Maybe there is something you didn't think
> > about right now, which suddenly comes up after a few days or weeks...
> >
> > _______________________________________________
> > dm-crypt mailing list
> > dm-crypt@saout.de
> > http://www.saout.de/mailman/listinfo/dm-crypt
> >

> _______________________________________________
> dm-crypt mailing list
> dm-crypt@saout.de
> http://www.saout.de/mailman/listinfo/dm-crypt


-- 
Arno Wagner, Dr. sc. techn., Dipl. Inform., CISSP -- Email: arno@wagner.name 
GnuPG:  ID: 1E25338F  FP: 0C30 5782 9D93 F785 E79C  0296 797F 6B50 1E25 338F
----
Cuddly UI's are the manifestation of wishful thinking. -- Dylan Evans

If it's in the news, don't worry about it.  The very definition of 
"news" is "something that hardly ever happens." -- Bruce Schneier 

Re: [dm-crypt] please HELP - can't acces encrypted LVM after linux reinstallation.

[Yves-Alexis Perez]

[-- Attachment #1: Type: text/plain, Size: 739 bytes --]

On sam., 2011-10-29 at 07:14 +1300, Aleksander Swirski wrote:
> it's my largest drive, but I will put this one aside and use another
> computer. i was tired, when i did that, didn't have clear mind. now I have
> no idea, how possibly could I fix this, but it all happened because of some
> mental pressure I felt. so I guess, now it's time to chill out. anyway, i
> feel bit better because You People :) cared enough to inform me and tried to
> help me. it's greatly appreciated. 

You said in the initial mail that you had some backup of the system but
they were a bit old. Are those backup of encrypted or decrypted data? Is
there a chance you may have the luks header somehwere in your backups?

Regards,
-- 
Yves-Alexis

[-- Attachment #2: This is a digitally signed message part --]
[-- Type: application/pgp-signature, Size: 836 bytes --]

Re: [dm-crypt] please HELP - can't acces encrypted LVM after linux reinstallation.

[Aleksander Swirski]

[-- Attachment #1: Type: text/plain, Size: 2940 bytes --]

I fully agree. I managed to retrieve all crucial passwords (fortunately I
remembered most of them and was able to reset the rest). The web pages I
was working with are on servers, and many materials in my e-mail history.
Older documents and most of the photos on some DVD's. After initial shock
now I accept what has happened and I decided to work on my personality to
change attitude towards taking unnecessary risk. There is no place for that
if I want to be professional in what I do.

I think this is a good idea, to try to put the message through, especially
to less knowledgeable users, about the loose nature of the relationship
between the pass phrase and the real cryptographic key, which does the
whole job underneath.

Thanks to all.

On 29 October 2011 09:43, Arno Wagner <arno@wagner.name> wrote:

> You are welcome. And you learned something valuable, I doubt this
> will ever happen to you again. In fact I learned to be careful
> with a similar experience (no crypto involved though). I think
> you will find that most people have learned to be careful with
> data in some similar way. So don't feel to bad about it.
>
> Arno
>
> On Sat, Oct 29, 2011 at 07:14:27AM +1300, Aleksander Swirski wrote:
> > it's my largest drive, but I will put this one aside and use another
> > computer. i was tired, when i did that, didn't have clear mind. now I
> have
> > no idea, how possibly could I fix this, but it all happened because of
> some
> > mental pressure I felt. so I guess, now it's time to chill out. anyway, i
> > feel bit better because You People :) cared enough to inform me and
> tried to
> > help me. it's greatly appreciated.
> >
> > On 29 October 2011 06:20, Heinz Diehl <htd@fancy-poultry.org> wrote:
> >
> > > On 28.10.2011, Aleksander Swirski wrote:
> > >
> > > >  i made big mistake. at least I have plenty of space now ...
> > >
> > > Maybe, maybe not. I would strongly suggest that you make a low level
> > > backup of your whole disk. Maybe there is something you didn't think
> > > about right now, which suddenly comes up after a few days or weeks...
> > >
> > > _______________________________________________
> > > dm-crypt mailing list
> > > dm-crypt@saout.de
> > > http://www.saout.de/mailman/listinfo/dm-crypt
> > >
>
> > _______________________________________________
> > dm-crypt mailing list
> > dm-crypt@saout.de
> > http://www.saout.de/mailman/listinfo/dm-crypt
>
>
> --
> Arno Wagner, Dr. sc. techn., Dipl. Inform., CISSP -- Email:
> arno@wagner.name
> GnuPG:  ID: 1E25338F  FP: 0C30 5782 9D93 F785 E79C  0296 797F 6B50 1E25
> 338F
> ----
> Cuddly UI's are the manifestation of wishful thinking. -- Dylan Evans
>
> If it's in the news, don't worry about it.  The very definition of
> "news" is "something that hardly ever happens." -- Bruce Schneier
> _______________________________________________
> dm-crypt mailing list
> dm-crypt@saout.de
> http://www.saout.de/mailman/listinfo/dm-crypt
>

[-- Attachment #2: Type: text/html, Size: 4081 bytes --]

Re: [dm-crypt] please HELP - can't acces encrypted LVM after linux reinstallation.

[Arno Wagner]

On Sun, Oct 30, 2011 at 05:08:08PM +0100, Aleksander Swirski wrote:
> I fully agree. I managed to retrieve all crucial passwords (fortunately I
> remembered most of them and was able to reset the rest). The web pages I
> was working with are on servers, and many materials in my e-mail history.
> Older documents and most of the photos on some DVD's. After initial shock
> now I accept what has happened and I decided to work on my personality to
> change attitude towards taking unnecessary risk. There is no place for that
> if I want to be professional in what I do.

Indeed. But is is a learning process.
 
> I think this is a good idea, to try to put the message through, especially
> to less knowledgeable users, about the loose nature of the relationship
> between the pass phrase and the real cryptographic key, which does the
> whole job underneath.

Added to the FAQ, currently on the web, to be posted here
next week. And that you managed to get the most critical data
back means your system is essentially sound.

Arno

 
> Thanks to all.
> 
> On 29 October 2011 09:43, Arno Wagner <arno@wagner.name> wrote:
> 
> > You are welcome. And you learned something valuable, I doubt this
> > will ever happen to you again. In fact I learned to be careful
> > with a similar experience (no crypto involved though). I think
> > you will find that most people have learned to be careful with
> > data in some similar way. So don't feel to bad about it.
> >
> > Arno
> >
> > On Sat, Oct 29, 2011 at 07:14:27AM +1300, Aleksander Swirski wrote:
> > > it's my largest drive, but I will put this one aside and use another
> > > computer. i was tired, when i did that, didn't have clear mind. now I
> > have
> > > no idea, how possibly could I fix this, but it all happened because of
> > some
> > > mental pressure I felt. so I guess, now it's time to chill out. anyway, i
> > > feel bit better because You People :) cared enough to inform me and
> > tried to
> > > help me. it's greatly appreciated.
> > >
> > > On 29 October 2011 06:20, Heinz Diehl <htd@fancy-poultry.org> wrote:
> > >
> > > > On 28.10.2011, Aleksander Swirski wrote:
> > > >
> > > > >  i made big mistake. at least I have plenty of space now ...
> > > >
> > > > Maybe, maybe not. I would strongly suggest that you make a low level
> > > > backup of your whole disk. Maybe there is something you didn't think
> > > > about right now, which suddenly comes up after a few days or weeks...
> > > >
> > > > _______________________________________________
> > > > dm-crypt mailing list
> > > > dm-crypt@saout.de
> > > > http://www.saout.de/mailman/listinfo/dm-crypt
> > > >
> >
> > > _______________________________________________
> > > dm-crypt mailing list
> > > dm-crypt@saout.de
> > > http://www.saout.de/mailman/listinfo/dm-crypt
> >
> >
> > --
> > Arno Wagner, Dr. sc. techn., Dipl. Inform., CISSP -- Email:
> > arno@wagner.name
> > GnuPG:  ID: 1E25338F  FP: 0C30 5782 9D93 F785 E79C  0296 797F 6B50 1E25
> > 338F
> > ----
> > Cuddly UI's are the manifestation of wishful thinking. -- Dylan Evans
> >
> > If it's in the news, don't worry about it.  The very definition of
> > "news" is "something that hardly ever happens." -- Bruce Schneier
> > _______________________________________________
> > dm-crypt mailing list
> > dm-crypt@saout.de
> > http://www.saout.de/mailman/listinfo/dm-crypt
> >

> _______________________________________________
> dm-crypt mailing list
> dm-crypt@saout.de
> http://www.saout.de/mailman/listinfo/dm-crypt


-- 
Arno Wagner, Dr. sc. techn., Dipl. Inform., CISSP -- Email: arno@wagner.name 
GnuPG:  ID: 1E25338F  FP: 0C30 5782 9D93 F785 E79C  0296 797F 6B50 1E25 338F
----
Cuddly UI's are the manifestation of wishful thinking. -- Dylan Evans

If it's in the news, don't worry about it.  The very definition of 
"news" is "something that hardly ever happens." -- Bruce Schneier 

Re: [dm-crypt] please HELP - can't acces encrypted LVM after linux reinstallation.

[Aleksander Swirski]

[-- Attachment #1: Type: text/plain, Size: 5036 bytes --]

Arno, I'm glad that this info will be now in the FAQ. About my system being
sound - can't quite agree on that. Just got a tiny little bit of luck in
this unlucky situation. My habit of always writing some most important
passwords by hand, made all the difference between 'disaster' and
'apocalypse' :)

I will also try to push this info to the debian devs. I'm not sure how to do
that properly (hint appreciated). I know, that the route of installation I
took is not a common one, but a simple warning would suffice to avoid this
kind of trouble. After all my encrypted LVM and specifically the /home
partition within LVM wasn't listed among those, which are to be erased at
any point during the installation. (I marked them with - K - keep the data)

On 30 October 2011 18:32, Arno Wagner <arno@wagner.name> wrote:

> On Sun, Oct 30, 2011 at 05:08:08PM +0100, Aleksander Swirski wrote:
> > I fully agree. I managed to retrieve all crucial passwords (fortunately I
> > remembered most of them and was able to reset the rest). The web pages I
> > was working with are on servers, and many materials in my e-mail history.
> > Older documents and most of the photos on some DVD's. After initial shock
> > now I accept what has happened and I decided to work on my personality to
> > change attitude towards taking unnecessary risk. There is no place for
> that
> > if I want to be professional in what I do.
>
> Indeed. But is is a learning process.
>
> > I think this is a good idea, to try to put the message through,
> especially
> > to less knowledgeable users, about the loose nature of the relationship
> > between the pass phrase and the real cryptographic key, which does the
> > whole job underneath.
>
> Added to the FAQ, currently on the web, to be posted here
> next week. And that you managed to get the most critical data
> back means your system is essentially sound.
>
> Arno
>
>
> > Thanks to all.
> >
> > On 29 October 2011 09:43, Arno Wagner <arno@wagner.name> wrote:
> >
> > > You are welcome. And you learned something valuable, I doubt this
> > > will ever happen to you again. In fact I learned to be careful
> > > with a similar experience (no crypto involved though). I think
> > > you will find that most people have learned to be careful with
> > > data in some similar way. So don't feel to bad about it.
> > >
> > > Arno
> > >
> > > On Sat, Oct 29, 2011 at 07:14:27AM +1300, Aleksander Swirski wrote:
> > > > it's my largest drive, but I will put this one aside and use another
> > > > computer. i was tired, when i did that, didn't have clear mind. now I
> > > have
> > > > no idea, how possibly could I fix this, but it all happened because
> of
> > > some
> > > > mental pressure I felt. so I guess, now it's time to chill out.
> anyway, i
> > > > feel bit better because You People :) cared enough to inform me and
> > > tried to
> > > > help me. it's greatly appreciated.
> > > >
> > > > On 29 October 2011 06:20, Heinz Diehl <htd@fancy-poultry.org> wrote:
> > > >
> > > > > On 28.10.2011, Aleksander Swirski wrote:
> > > > >
> > > > > >  i made big mistake. at least I have plenty of space now ...
> > > > >
> > > > > Maybe, maybe not. I would strongly suggest that you make a low
> level
> > > > > backup of your whole disk. Maybe there is something you didn't
> think
> > > > > about right now, which suddenly comes up after a few days or
> weeks...
> > > > >
> > > > > _______________________________________________
> > > > > dm-crypt mailing list
> > > > > dm-crypt@saout.de
> > > > > http://www.saout.de/mailman/listinfo/dm-crypt
> > > > >
> > >
> > > > _______________________________________________
> > > > dm-crypt mailing list
> > > > dm-crypt@saout.de
> > > > http://www.saout.de/mailman/listinfo/dm-crypt
> > >
> > >
> > > --
> > > Arno Wagner, Dr. sc. techn., Dipl. Inform., CISSP -- Email:
> > > arno@wagner.name
> > > GnuPG:  ID: 1E25338F  FP: 0C30 5782 9D93 F785 E79C  0296 797F 6B50 1E25
> > > 338F
> > > ----
> > > Cuddly UI's are the manifestation of wishful thinking. -- Dylan Evans
> > >
> > > If it's in the news, don't worry about it.  The very definition of
> > > "news" is "something that hardly ever happens." -- Bruce Schneier
> > > _______________________________________________
> > > dm-crypt mailing list
> > > dm-crypt@saout.de
> > > http://www.saout.de/mailman/listinfo/dm-crypt
> > >
>
> > _______________________________________________
> > dm-crypt mailing list
> > dm-crypt@saout.de
> > http://www.saout.de/mailman/listinfo/dm-crypt
>
>
> --
> Arno Wagner, Dr. sc. techn., Dipl. Inform., CISSP -- Email:
> arno@wagner.name
> GnuPG:  ID: 1E25338F  FP: 0C30 5782 9D93 F785 E79C  0296 797F 6B50 1E25
> 338F
> ----
> Cuddly UI's are the manifestation of wishful thinking. -- Dylan Evans
>
> If it's in the news, don't worry about it.  The very definition of
> "news" is "something that hardly ever happens." -- Bruce Schneier
> _______________________________________________
> dm-crypt mailing list
> dm-crypt@saout.de
> http://www.saout.de/mailman/listinfo/dm-crypt
>

[-- Attachment #2: Type: text/html, Size: 7070 bytes --]

Re: [dm-crypt] please HELP - can't acces encrypted LVM after linux reinstallation.

[Aleksander Swirski]

[-- Attachment #1: Type: text/plain, Size: 1403 bytes --]

This was always decrypted data. I was making tar archives of system
partitions, already decrypted and mounted. So I think, the header can't be
there?

Yves, looking at your e-mail - maybe you can advice me weather and how
should I send some info to debian team? I think some small warning or info
could make a big difference for other people who might try to reattach their
previously encrypted drive to a new debian install.

On 29 October 2011 10:15, Yves-Alexis Perez <corsac@debian.org> wrote:

> On sam., 2011-10-29 at 07:14 +1300, Aleksander Swirski wrote:
> > it's my largest drive, but I will put this one aside and use another
> > computer. i was tired, when i did that, didn't have clear mind. now I
> have
> > no idea, how possibly could I fix this, but it all happened because of
> some
> > mental pressure I felt. so I guess, now it's time to chill out. anyway, i
> > feel bit better because You People :) cared enough to inform me and tried
> to
> > help me. it's greatly appreciated.
>
> You said in the initial mail that you had some backup of the system but
> they were a bit old. Are those backup of encrypted or decrypted data? Is
> there a chance you may have the luks header somehwere in your backups?
>
> Regards,
> --
> Yves-Alexis
>
> _______________________________________________
> dm-crypt mailing list
> dm-crypt@saout.de
> http://www.saout.de/mailman/listinfo/dm-crypt
>
>

[-- Attachment #2: Type: text/html, Size: 1905 bytes --]

Re: [dm-crypt] please HELP - can't acces encrypted LVM after linux reinstallation.

[Jonas Meurer]

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Hi Aleksander,

Am 30.10.2011 19:56, schrieb Aleksander Swirski:
> I will also try to push this info to the debian devs. I'm not sure
> how to do that properly (hint appreciated). I know, that the route
> of installation I took is not a common one, but a simple warning
> would suffice to avoid this kind of trouble. After all my encrypted
> LVM and specifically the /home partition within LVM wasn't listed
> among those, which are to be erased at any point during the
> installation. (I marked them with - K - keep the data)

I guess that you selected to configure the device which contained the
LVM volume group as new encrypted device. Then you where asked for the
new passphrase twice, and a new LUKS header was written to the device,
overwriting the old LUKS header. That way you shredded all the
encrypted data on that device, regardless what it was.

The partitions you marked as "keep the data" weren't overwritten, just
the LUKS header of underlying device was overwritten.

I agree, that a warning in the Debian Installer is a good idea, but to
be honest, there's already a big fat warning:

> _Description: Really erase the data on ${DEVICE}? The data on
> ${DEVICE} will be overwritten with random data. It can no longer be
> recovered after this step has completed. This is the last 
> opportunity to abort the erase.

(from
http://anonscm.debian.org/gitweb/?p=d-i/partman-crypto.git;a=blob;f=debian/partman-crypto.templates)

If you like to propose changes to the (warnings in the) process of
configuring encrypted volumes during installation of Debian, feel free
to discuss this on debian-boot@lists.debian.org. You might as well
take a look at the following page:
http://wiki.debian.org/DebianInstaller/PartmanCrypto

Greetings,
 jonas
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.11 (GNU/Linux)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org/

iQIcBAEBAgAGBQJOrc7tAAoJEFJi5/9JEEn+bo4P/0vX3AxnpXzWO3NUvYW2wh6H
k7v8Dhx6Rw5HXttHuF8JSypkvcHuLfWyGLq0J4qlsw4GvK/cPtwdCuSe//uJvqSB
4Z6qj55E/3/M+aEBMzT9oBeZ5DVGPp0+76VWFNijGzHYMoT4YYm0pZBsmfZ7U2RJ
+7xFyGP0d7oXJIqoW8aUyufgdYnRNdcZdJtY27XHgKW1m9ytllIuK0h7hl410/L0
vy2t4IqSlO5Uko1/bOf3FETNkBRTUl4T2jWMP3dEpNMRobB1ZH5I5menXWSwzgR9
c2QWRkwQ8iUsAdakofnl9O1jhtw3Z9MKxHQbnxh32oNuS5Aaf5xxfiI7jXf3yY/L
GUKyIOa5nGtNtwUt4l0RTJAKoyY2J2KtBJm+JL51tQ3q/iyZsfRLVmyczlkzKUhj
vMKgSzhV8/IyQ/snqftAMqmRXYgaOE3qDCe8MR+EChIFwX2Zr+eRWdRzVFDjQ0kP
Cyc6Yw3TrthD8GuWWxU93tE3YMVxgI76+lDk/LBLZjviMTEfkR5e+gmuoff+Xdta
aBYek7loOjkqb+gJ6qeqAKuDLAZnw/BmHfgpYQpatdSeiV6jpGPkGMbYTwDHLlXR
rE72FJe1emdcDWQ6TE8SP+6KW22HirBPD5q6DPqJ2Oxcxx+AotXeLvDpnhd9S5b2
fDNHacCUklPyCeH81nsH
=PLsS
-----END PGP SIGNATURE-----

Re: [dm-crypt] please HELP - can't acces encrypted LVM after linux reinstallation.

[Aleksander Swirski]

[-- Attachment #1: Type: text/plain, Size: 4011 bytes --]

I'm pretty sure this warning is only displayed when someone decides to
create new crypto on some partition or fill encrypted device with random
data in the next step after setting the password. but just setting the
password on an existing device makes data unusable without warning. when
the partitioning is finished there is a list of partitions that will be
wiped out, and also, during my installation crypto-deviced and /home inside
LVM was not listed there, but already lost few clicks earlier.

i understand that it wasn't taken into consideration that someone can
attach existing encrypted device, but only that a new one will be created.
this is inconsistent with how it goes with unencrypted partitions, where
you can reattach them without formatting and keep your data. so i guess
with encrypted partition this should also work that way. or maybe i miss
the point? i will try to make the whole scenario clear, and then send my
proposition, to debian-boot@lists.debian.org

On 30 October 2011 23:25, Jonas Meurer <jonas@freesources.org> wrote:

> -----BEGIN PGP SIGNED MESSAGE-----
> Hash: SHA1
>
> Hi Aleksander,
>
> Am 30.10.2011 19:56, schrieb Aleksander Swirski:
> > I will also try to push this info to the debian devs. I'm not sure
> > how to do that properly (hint appreciated). I know, that the route
> > of installation I took is not a common one, but a simple warning
> > would suffice to avoid this kind of trouble. After all my encrypted
> > LVM and specifically the /home partition within LVM wasn't listed
> > among those, which are to be erased at any point during the
> > installation. (I marked them with - K - keep the data)
>
> I guess that you selected to configure the device which contained the
> LVM volume group as new encrypted device. Then you where asked for the
> new passphrase twice, and a new LUKS header was written to the device,
> overwriting the old LUKS header. That way you shredded all the
> encrypted data on that device, regardless what it was.
>
> The partitions you marked as "keep the data" weren't overwritten, just
> the LUKS header of underlying device was overwritten.
>
> I agree, that a warning in the Debian Installer is a good idea, but to
> be honest, there's already a big fat warning:
>
> > _Description: Really erase the data on ${DEVICE}? The data on
> > ${DEVICE} will be overwritten with random data. It can no longer be
> > recovered after this step has completed. This is the last
> > opportunity to abort the erase.
>
> (from
>
> http://anonscm.debian.org/gitweb/?p=d-i/partman-crypto.git;a=blob;f=debian/partman-crypto.templates
> )
>
> If you like to propose changes to the (warnings in the) process of
> configuring encrypted volumes during installation of Debian, feel free
> to discuss this on debian-boot@lists.debian.org. You might as well
> take a look at the following page:
> http://wiki.debian.org/DebianInstaller/PartmanCrypto
>
> Greetings,
>  jonas
> -----BEGIN PGP SIGNATURE-----
> Version: GnuPG v1.4.11 (GNU/Linux)
> Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org/
>
> iQIcBAEBAgAGBQJOrc7tAAoJEFJi5/9JEEn+bo4P/0vX3AxnpXzWO3NUvYW2wh6H
> k7v8Dhx6Rw5HXttHuF8JSypkvcHuLfWyGLq0J4qlsw4GvK/cPtwdCuSe//uJvqSB
> 4Z6qj55E/3/M+aEBMzT9oBeZ5DVGPp0+76VWFNijGzHYMoT4YYm0pZBsmfZ7U2RJ
> +7xFyGP0d7oXJIqoW8aUyufgdYnRNdcZdJtY27XHgKW1m9ytllIuK0h7hl410/L0
> vy2t4IqSlO5Uko1/bOf3FETNkBRTUl4T2jWMP3dEpNMRobB1ZH5I5menXWSwzgR9
> c2QWRkwQ8iUsAdakofnl9O1jhtw3Z9MKxHQbnxh32oNuS5Aaf5xxfiI7jXf3yY/L
> GUKyIOa5nGtNtwUt4l0RTJAKoyY2J2KtBJm+JL51tQ3q/iyZsfRLVmyczlkzKUhj
> vMKgSzhV8/IyQ/snqftAMqmRXYgaOE3qDCe8MR+EChIFwX2Zr+eRWdRzVFDjQ0kP
> Cyc6Yw3TrthD8GuWWxU93tE3YMVxgI76+lDk/LBLZjviMTEfkR5e+gmuoff+Xdta
> aBYek7loOjkqb+gJ6qeqAKuDLAZnw/BmHfgpYQpatdSeiV6jpGPkGMbYTwDHLlXR
> rE72FJe1emdcDWQ6TE8SP+6KW22HirBPD5q6DPqJ2Oxcxx+AotXeLvDpnhd9S5b2
> fDNHacCUklPyCeH81nsH
> =PLsS
> -----END PGP SIGNATURE-----
> _______________________________________________
> dm-crypt mailing list
> dm-crypt@saout.de
> http://www.saout.de/mailman/listinfo/dm-crypt
>

[-- Attachment #2: Type: text/html, Size: 5110 bytes --]

Re: [dm-crypt] please HELP - can't acces encrypted LVM after linux reinstallation.

[ingo.schmitt]

Another idea: Cryptsetup should offer to backup the header
on the same drive when changes to an existing header are requested.

I assume that headers size isn't an issue.

Thx,
Ingo

On 10/31/2011 01:30 AM, Aleksander Swirski wrote:
> I'm pretty sure this warning is only displayed when someone decides to
> create new crypto on some partition or fill encrypted device with random
> data in the next step after setting the password. but just setting the
> password on an existing device makes data unusable without warning. when
> the partitioning is finished there is a list of partitions that will be
> wiped out, and also, during my installation crypto-deviced and /home
> inside LVM was not listed there, but already lost few clicks earlier.
>
> i understand that it wasn't taken into consideration that someone can
> attach existing encrypted device, but only that a new one will be
> created. this is inconsistent with how it goes with unencrypted
> partitions, where you can reattach them without formatting and keep your
> data. so i guess with encrypted partition this should also work that
> way. or maybe i miss the point? i will try to make the whole scenario
> clear, and then send my proposition, to debian-boot@lists.debian.org
> <mailto:debian-boot@lists.debian.org>
>
> On 30 October 2011 23:25, Jonas Meurer <jonas@freesources.org
> <mailto:jonas@freesources.org>> wrote:
>
>     -----BEGIN PGP SIGNED MESSAGE-----
>     Hash: SHA1
>
>     Hi Aleksander,
>
>     Am 30.10.2011 19:56, schrieb Aleksander Swirski:
>      > I will also try to push this info to the debian devs. I'm not sure
>      > how to do that properly (hint appreciated). I know, that the route
>      > of installation I took is not a common one, but a simple warning
>      > would suffice to avoid this kind of trouble. After all my encrypted
>      > LVM and specifically the /home partition within LVM wasn't listed
>      > among those, which are to be erased at any point during the
>      > installation. (I marked them with - K - keep the data)
>
>     I guess that you selected to configure the device which contained the
>     LVM volume group as new encrypted device. Then you where asked for the
>     new passphrase twice, and a new LUKS header was written to the device,
>     overwriting the old LUKS header. That way you shredded all the
>     encrypted data on that device, regardless what it was.
>
>     The partitions you marked as "keep the data" weren't overwritten, just
>     the LUKS header of underlying device was overwritten.
>
>     I agree, that a warning in the Debian Installer is a good idea, but to
>     be honest, there's already a big fat warning:
>
>      > _Description: Really erase the data on ${DEVICE}? The data on
>      > ${DEVICE} will be overwritten with random data. It can no longer be
>      > recovered after this step has completed. This is the last
>      > opportunity to abort the erase.
>
>     (from
>     http://anonscm.debian.org/gitweb/?p=d-i/partman-crypto.git;a=blob;f=debian/partman-crypto.templates)
>
>     If you like to propose changes to the (warnings in the) process of
>     configuring encrypted volumes during installation of Debian, feel free
>     to discuss this on debian-boot@lists.debian.org
>     <mailto:debian-boot@lists.debian.org>. You might as well
>     take a look at the following page:
>     http://wiki.debian.org/DebianInstaller/PartmanCrypto
>
>     Greetings,
>       jonas
>     -----BEGIN PGP SIGNATURE-----
>     Version: GnuPG v1.4.11 (GNU/Linux)
>     Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org/
>
>     iQIcBAEBAgAGBQJOrc7tAAoJEFJi5/9JEEn+bo4P/0vX3AxnpXzWO3NUvYW2wh6H
>     k7v8Dhx6Rw5HXttHuF8JSypkvcHuLfWyGLq0J4qlsw4GvK/cPtwdCuSe//uJvqSB
>     4Z6qj55E/3/M+aEBMzT9oBeZ5DVGPp0+76VWFNijGzHYMoT4YYm0pZBsmfZ7U2RJ
>     +7xFyGP0d7oXJIqoW8aUyufgdYnRNdcZdJtY27XHgKW1m9ytllIuK0h7hl410/L0
>     vy2t4IqSlO5Uko1/bOf3FETNkBRTUl4T2jWMP3dEpNMRobB1ZH5I5menXWSwzgR9
>     c2QWRkwQ8iUsAdakofnl9O1jhtw3Z9MKxHQbnxh32oNuS5Aaf5xxfiI7jXf3yY/L
>     GUKyIOa5nGtNtwUt4l0RTJAKoyY2J2KtBJm+JL51tQ3q/iyZsfRLVmyczlkzKUhj
>     vMKgSzhV8/IyQ/snqftAMqmRXYgaOE3qDCe8MR+EChIFwX2Zr+eRWdRzVFDjQ0kP
>     Cyc6Yw3TrthD8GuWWxU93tE3YMVxgI76+lDk/LBLZjviMTEfkR5e+gmuoff+Xdta
>     aBYek7loOjkqb+gJ6qeqAKuDLAZnw/BmHfgpYQpatdSeiV6jpGPkGMbYTwDHLlXR
>     rE72FJe1emdcDWQ6TE8SP+6KW22HirBPD5q6DPqJ2Oxcxx+AotXeLvDpnhd9S5b2
>     fDNHacCUklPyCeH81nsH
>     =PLsS
>     -----END PGP SIGNATURE-----
>     _______________________________________________
>     dm-crypt mailing list
>     dm-crypt@saout.de <mailto:dm-crypt@saout.de>
>     http://www.saout.de/mailman/listinfo/dm-crypt
>
>
>
>
> _______________________________________________
> dm-crypt mailing list
> dm-crypt@saout.de
> http://www.saout.de/mailman/listinfo/dm-crypt

Re: [dm-crypt] please HELP - can't acces encrypted LVM after linux reinstallation.

[Arno Wagner]

I am opposed to this. cryptsetup is not at fault here, it displays
a big, fat warning (unless disabled). If an installer decides
to suppress that warning and give something far less clear,
then the installer is broken and needs to be fixed. A good
installer would  give a very clear warning and require
more than just a click or "RETURN" as confirmation. 
cryptsetup already does both. 

In addition, any kind of automatic header backup 
breaks the LUKS security model and needs to come
with a very clear warning if automatized (as in an 
installer). The problem is that old passphrases will
be stored and will survive deletion in the active LUKS
header. That is not good at all.

The right thing here is to complain to those that made the
broken (or not careful enough) installer and to ask them to
either keep the very clear warning and verification question
asked by cryptsetup, or to do something equally clear 
themselves.

Side note: I am unsure whether Ubuntu has fixed this issue by now.
Does anybody know?

Side note 2: Added a generic warning about dangerous distro installers 
to the FAQ.

Arno

On Mon, Oct 31, 2011 at 04:30:11AM +0100, ingo.schmitt@binarysignals.net wrote:
> Another idea: Cryptsetup should offer to backup the header
> on the same drive when changes to an existing header are requested.
> 
> I assume that headers size isn't an issue.
> 
> Thx,
> Ingo
> 
> On 10/31/2011 01:30 AM, Aleksander Swirski wrote:
> >I'm pretty sure this warning is only displayed when someone decides to
> >create new crypto on some partition or fill encrypted device with random
> >data in the next step after setting the password. but just setting the
> >password on an existing device makes data unusable without warning. when
> >the partitioning is finished there is a list of partitions that will be
> >wiped out, and also, during my installation crypto-deviced and /home
> >inside LVM was not listed there, but already lost few clicks earlier.
> >
> >i understand that it wasn't taken into consideration that someone can
> >attach existing encrypted device, but only that a new one will be
> >created. this is inconsistent with how it goes with unencrypted
> >partitions, where you can reattach them without formatting and keep your
> >data. so i guess with encrypted partition this should also work that
> >way. or maybe i miss the point? i will try to make the whole scenario
> >clear, and then send my proposition, to debian-boot@lists.debian.org
> ><mailto:debian-boot@lists.debian.org>
> >
> >On 30 October 2011 23:25, Jonas Meurer <jonas@freesources.org
> ><mailto:jonas@freesources.org>> wrote:
> >
> >    -----BEGIN PGP SIGNED MESSAGE-----
> >    Hash: SHA1
> >
> >    Hi Aleksander,
> >
> >    Am 30.10.2011 19:56, schrieb Aleksander Swirski:
> >     > I will also try to push this info to the debian devs. I'm not sure
> >     > how to do that properly (hint appreciated). I know, that the route
> >     > of installation I took is not a common one, but a simple warning
> >     > would suffice to avoid this kind of trouble. After all my encrypted
> >     > LVM and specifically the /home partition within LVM wasn't listed
> >     > among those, which are to be erased at any point during the
> >     > installation. (I marked them with - K - keep the data)
> >
> >    I guess that you selected to configure the device which contained the
> >    LVM volume group as new encrypted device. Then you where asked for the
> >    new passphrase twice, and a new LUKS header was written to the device,
> >    overwriting the old LUKS header. That way you shredded all the
> >    encrypted data on that device, regardless what it was.
> >
> >    The partitions you marked as "keep the data" weren't overwritten, just
> >    the LUKS header of underlying device was overwritten.
> >
> >    I agree, that a warning in the Debian Installer is a good idea, but to
> >    be honest, there's already a big fat warning:
> >
> >     > _Description: Really erase the data on ${DEVICE}? The data on
> >     > ${DEVICE} will be overwritten with random data. It can no longer be
> >     > recovered after this step has completed. This is the last
> >     > opportunity to abort the erase.
> >
> >    (from
> >    http://anonscm.debian.org/gitweb/?p=d-i/partman-crypto.git;a=blob;f=debian/partman-crypto.templates)
> >
> >    If you like to propose changes to the (warnings in the) process of
> >    configuring encrypted volumes during installation of Debian, feel free
> >    to discuss this on debian-boot@lists.debian.org
> >    <mailto:debian-boot@lists.debian.org>. You might as well
> >    take a look at the following page:
> >    http://wiki.debian.org/DebianInstaller/PartmanCrypto
> >
> >    Greetings,
> >      jonas
> >    -----BEGIN PGP SIGNATURE-----
> >    Version: GnuPG v1.4.11 (GNU/Linux)
> >    Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org/
> >
> >    iQIcBAEBAgAGBQJOrc7tAAoJEFJi5/9JEEn+bo4P/0vX3AxnpXzWO3NUvYW2wh6H
> >    k7v8Dhx6Rw5HXttHuF8JSypkvcHuLfWyGLq0J4qlsw4GvK/cPtwdCuSe//uJvqSB
> >    4Z6qj55E/3/M+aEBMzT9oBeZ5DVGPp0+76VWFNijGzHYMoT4YYm0pZBsmfZ7U2RJ
> >    +7xFyGP0d7oXJIqoW8aUyufgdYnRNdcZdJtY27XHgKW1m9ytllIuK0h7hl410/L0
> >    vy2t4IqSlO5Uko1/bOf3FETNkBRTUl4T2jWMP3dEpNMRobB1ZH5I5menXWSwzgR9
> >    c2QWRkwQ8iUsAdakofnl9O1jhtw3Z9MKxHQbnxh32oNuS5Aaf5xxfiI7jXf3yY/L
> >    GUKyIOa5nGtNtwUt4l0RTJAKoyY2J2KtBJm+JL51tQ3q/iyZsfRLVmyczlkzKUhj
> >    vMKgSzhV8/IyQ/snqftAMqmRXYgaOE3qDCe8MR+EChIFwX2Zr+eRWdRzVFDjQ0kP
> >    Cyc6Yw3TrthD8GuWWxU93tE3YMVxgI76+lDk/LBLZjviMTEfkR5e+gmuoff+Xdta
> >    aBYek7loOjkqb+gJ6qeqAKuDLAZnw/BmHfgpYQpatdSeiV6jpGPkGMbYTwDHLlXR
> >    rE72FJe1emdcDWQ6TE8SP+6KW22HirBPD5q6DPqJ2Oxcxx+AotXeLvDpnhd9S5b2
> >    fDNHacCUklPyCeH81nsH
> >    =PLsS
> >    -----END PGP SIGNATURE-----
> >    _______________________________________________
> >    dm-crypt mailing list
> >    dm-crypt@saout.de <mailto:dm-crypt@saout.de>
> >    http://www.saout.de/mailman/listinfo/dm-crypt
> >
> >
> >
> >
> >_______________________________________________
> >dm-crypt mailing list
> >dm-crypt@saout.de
> >http://www.saout.de/mailman/listinfo/dm-crypt
> _______________________________________________
> dm-crypt mailing list
> dm-crypt@saout.de
> http://www.saout.de/mailman/listinfo/dm-crypt
> 

-- 
Arno Wagner, Dr. sc. techn., Dipl. Inform., CISSP -- Email: arno@wagner.name 
GnuPG:  ID: 1E25338F  FP: 0C30 5782 9D93 F785 E79C  0296 797F 6B50 1E25 338F
----
Cuddly UI's are the manifestation of wishful thinking. -- Dylan Evans

If it's in the news, don't worry about it.  The very definition of 
"news" is "something that hardly ever happens." -- Bruce Schneier 

Re: [dm-crypt] please HELP - can't acces encrypted LVM after linux reinstallation.

[Quentin Lefebvre]

On 31/10/2011 01:30, Aleksander Swirski wrote :
> I'm pretty sure this warning is only displayed when someone decides to
> create new crypto on some partition or fill encrypted device with random
> data in the next step after setting the password. but just setting the
> password on an existing device makes data unusable without warning. when
> the partitioning is finished there is a list of partitions that will be
> wiped out, and also, during my installation crypto-deviced and /home inside
> LVM was not listed there, but already lost few clicks earlier.
> 
> i understand that it wasn't taken into consideration that someone can
> attach existing encrypted device, but only that a new one will be created.
> this is inconsistent with how it goes with unencrypted partitions, where
> you can reattach them without formatting and keep your data. so i guess
> with encrypted partition this should also work that way. or maybe i miss
> the point? i will try to make the whole scenario clear, and then send my
> proposition, to debian-boot@lists.debian.org

Hi,

Indeed, it seems that improvements can be done for the Debian installer
to better handle crypto disks and partitions. With the little experience
I have about using encrypted partitions with LUKS/cryptsetup under/over
LVM, I would not have tried to attach an existing encrypted device
through the installer menu, as I know pretty well that few scenarios are
handled at this point.
Hopelessly, what you had to do in your case was to switch to a console
to make changes by hand or, if you could, wait for the reboot of your
fresh install to edit the system files and mount old volumes this way.

I agree on the point you mention, i.e. encryption could be better
integrated in the installer so that assisted mounting of old encrypted
partitions becomes possible.
In my particular case, it would be *very* valuable that other encryption
schemes get integrated in the linux kernel / initrd used by the Debian
installer, because the latter cannot either create or mount my encrypted
partitions (which need the 'xts' module). At least not with additional
work... Installing my system is really complicated by this limitation,
as I have to :

 1) ( *before* launching the installer) find the appropriate kernel
modules and put them on a USB key (I sometimes installed a useless
system just for that)
 2) (during the installation process) manually partition the disks in a
console, with the necessary step of loading the modules I use
 3) (at the end of the installation process, *before* reboot ) 'chroot
/target' to
    a) edit the /etc/cryptab file and add my encrypted devices
    b) edit the /etc/initramfs-tools/modules and add the appropriate modules
    c) *run* 'mkinitramfs -k all -u -v'
    d) check grub and fstab config (no longer necessary ?)
    e) exit
Only after these operations, I can safely switch back to the installer
and reboot the system, with the hope my root filesystem will be
correctly opened.

I would be happy to help Debian developers regarding this kind of
install, but I have always delayed the moment I contact them. If you are
planning to do so, I would be interested to be included in the
discussion and give my feedback too.

Best,
Quentin

Re: [dm-crypt] please HELP - can't acces encrypted LVM after linux reinstallation.

[Jonas Meurer]

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Am 31.10.2011 08:18, schrieb Arno Wagner:
> In addition, any kind of automatic header backup breaks the LUKS
> security model and needs to come with a very clear warning if
> automatized (as in an installer). The problem is that old
> passphrases will be stored and will survive deletion in the active
> LUKS header. That is not good at all.

While I agree with you, that cryptsetup already does a lot to prevent
data (i.e. header) loss, I don't see a reason why (optional) header
backup at some random place on the device would be such a big security
problem.
For sure the exact place of backup header would be stored in the first
header, and any cryptsetup action which changes/whipes (parts of) the
header, would need to do this for the backup header as well.

Overwriting the first kbytes of device would no longer be sufficient.
Instead overwriting the header would require to actually overwrite
both first and backup header. But that's the only drawback I can see
so far.

I guess that I missed something important.

Greetings,
 jonas
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.11 (GNU/Linux)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org/

iQIcBAEBAgAGBQJOrx6UAAoJEFJi5/9JEEn+rIEQAILZUrOjqRp9mVh7njfux7Vb
6BUu2dHMyL+gLbszh8igR40UCxVh2UFfH1PSSU48wrd/IX8XYBy2YqMF0QQVyHPC
/dtExqdC31XZdA7eS8UrVGW3imkCB0XSnVkWPcV14SdyLO7ormMIMme3fi8TaJQk
7n0WJ6k3c613SV3BnDCut0940k/Q8NmCtKNqFyTU0ZKgfE6gYkf57n+DQgqOfFzi
3tftq4zpZgORxXU5aTGE9IFGM63T3ZpfJQTYOXt7Hez4EpnX6ly1QQO3JkknYHwr
51tXKsWceMVVY92NdUxQZ6WWUfKrLUdZNPy6TL/ZG7bviSj36OFcpQkYP4lxfrD+
hWVObY1R6kt73UcCZNRYSJYtl4q5BSxI61i0k/PecDjEfZmE6lZlIjKS2XNzh6O4
jsfd9JXZ9n/R7RCiG1BRdTET8MDxnM//Q5Iqes84ume8yuLInP4AP50/uxg1e3SL
UZ0+nlDofRd/cMtse92ggFbw8ZuHQtNV1TKU5dbFLXxaei1ymadT/fmdXSFHBlCQ
Qex1FrDxnBYMEtnZaR5Md5huVwQSb6+LvToSVjeZ53spq+JPp8HXFo0HCCEDwuPE
1j562nElqYfRkXPohGr2QkVvy2lze2tnJpk9ocPfy1gsokY/cyh6y01DWOz9JdA6
rAmoNpPLdd+E4taTu3ZM
=BQD4
-----END PGP SIGNATURE-----

Re: [dm-crypt] please HELP - can't acces encrypted LVM after linux reinstallation.

[Claudio Moretti]

[-- Attachment #1: Type: text/plain, Size: 863 bytes --]

>
> While I agree with you, that cryptsetup already does a lot to prevent
> data (i.e. header) loss, I don't see a reason why (optional) header
> backup at some random place on the device would be such a big security
> problem.
>
Because it would significantly decrease the efficiency of cryptsetup
anti-forensic features, if i'm not wrong..
Meaning that if the header is stored somewhere in the disk, that place
should be traceable: if it is random, there has to be some known place
where its location is stored; if the location information is not stored,
but one has to analyze the entire disk to find it, analyzing the disk would
expose the header; this applies also to the "fixed header location"
hypothesis.
That's what I think I have understood from previous (similar and related)
discussions with Arno; please, correct me if I'm mistaken.
Regards,
Claudio

[-- Attachment #2: Type: text/html, Size: 1075 bytes --]

Re: [dm-crypt] please HELP - can't acces encrypted LVM after linux reinstallation.

[Jonas Meurer]

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Am 31.10.2011 01:30, schrieb Aleksander Swirski:
> I'm pretty sure this warning is only displayed when someone decides
> to create new crypto on some partition or fill encrypted device
> with random data in the next step after setting the password. but
> just setting the password on an existing device makes data unusable
> without warning. when the partitioning is finished there is a list
> of partitions that will be wiped out, and also, during my
> installation crypto-deviced and /home inside LVM was not listed
> there, but already lost few clicks earlier.

I'm not sure what you mean by 'setting the password on an existing
device'. Last time I checked, the Debian Installer didn't support to
unlock and integrate existing encrypted partitions. You needed to do
this manually on the console. Thus, there was no way to set the
password for an existing device.

I'm pretty sure that you did what you called to 'create new crypto on
some partition'.

Nevertheless, in case that no warning was displayed to you, this
clearly should be considered as a bug.

> i understand that it wasn't taken into consideration that someone
> can attach existing encrypted device, but only that a new one will
> be created. this is inconsistent with how it goes with unencrypted 
> partitions, where you can reattach them without formatting and keep
> your data. so i guess with encrypted partition this should also
> work that way. or maybe i miss the point? i will try to make the
> whole scenario clear, and then send my proposition, to
> debian-boot@lists.debian.org <mailto:debian-boot@lists.debian.org>

Yes, support for using existing encrypted devices is not added to the
installer yet. At least, there's a bugreport[1] with a patch. This
might be a useful starting point in case you want to work on adding
this feature.

Greetings,
 jonas

[1] http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=451535
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.11 (GNU/Linux)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org/

iQIcBAEBAgAGBQJOryP1AAoJEFJi5/9JEEn+s8kP/2A/ws7Dbo/rUZPY/WmFR/tx
a73AmY/AWf65ouQV89d2+cwF0587UUOFKEOm/6ZOQG8NS5Jwep/co35lSk2s7alZ
uT71R2UELFs8gkDswyBLuzq3UplISiBCZJWWJtRp/5ElYGhQ1B0ylGv3MVcfOxCh
843fmzYNr6YgJFfL960uWoRRNjGQ6C7+a/hbjkJ/ANDnv5/+cSASbSk9cjdPwJh8
sKFzTOy874sUs9rFTQlCSW7sdaNlG9WnTcIrrLJi5MRqsDA48cNbtvpexUzZOw4P
OAeIlPfMliqBlGgs6df5ChFzd3ho+gKl3drowypHa7NMXKuA0AKoRhAEMA93b1LM
ZIWQLn76aOo8+3VxBGzLZ4jr5fXI4/7ikSGPheElOdidFSq3ZHJVVo6Qzvkyn5L+
XwNf/bB9VIo5XnE88TulDPsCyAOn4wNQIGkikt6LmAvXDAA8OuRUSYKxRAxfFZHm
Qw8MTt5EnJO6rox6LcfuM52H5mFbpZsQONhTVqs6lCjj3aSuaS2UKD7u+3vnuH1L
mGnOVLIQP8o65bjE8/twNelSJRCbIdjltxvs3X60WbknfdMaj97jASBf7bolVCCk
rIYw9W644aAihCBz5B/8svjXGN3FuQdvuedrmCUkcFdmPacNDDzcKvDmF063JvdD
P+r8MM78XAqOjpROebnR
=tlhe
-----END PGP SIGNATURE-----

Re: [dm-crypt] please HELP - can't acces encrypted LVM after linux reinstallation.

[Jonas Meurer]

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Am 31.10.2011 23:34, schrieb Claudio Moretti:
> While I agree with you, that cryptsetup already does a lot to
> prevent data (i.e. header) loss, I don't see a reason why
> (optional) header backup at some random place on the device would
> be such a big security problem.
> 
> Because it would significantly decrease the efficiency of
> cryptsetup anti-forensic features, if i'm not wrong.. Meaning that
> if the header is stored somewhere in the disk, that place should be
> traceable: if it is random, there has to be some known place where
> its location is stored; if the location information is not stored, 
> but one has to analyze the entire disk to find it, analyzing the
> disk would expose the header; this applies also to the "fixed
> header location" hypothesis. That's what I think I have understood
> from previous (similar and related) discussions with Arno; please,
> correct me if I'm mistaken.

I don't suggest to hide the backup header. In fact the exact place of
it should be obvious (either fixed, or better: random but written to
the first header). Thus the second header is as obvious as the first
one. Only difference: it's not at the beginning of the device.
Unfortunately the first sectors of a device are overwritten much more
often than later sectors.

I see that a backup header - which for sure needs to be overwritten by
new luksFormat - wouldn't prevent accidents like the one explained in
the first message to this thread. Only in cases where people
accidently overwrite the first sectors of a luks device, this kind of
backup header could prevent data loss.

Greetings,
 jonas
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.11 (GNU/Linux)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org/

iQIcBAEBAgAGBQJOryWtAAoJEFJi5/9JEEn+wU0P/jYjfauG4Ak1C+eLZ/YzkSEH
Lf5KY5WlIip3dKSkrgtZ9EjIB71PJbDhvdA0QLG6k/5MbubrDqSIGf+rb8LvJ46n
FlaBob16VcpWbhdycgk07DRjt94lkI7IZg3LrLcK3f1xD53Ztyo96dqUlAU6jOzB
qNjhQawgViTR6YPeMozUs8fn4gPAFp5AzxdmOpvoPCuErk3A8/r7T5NBRtDROPw8
7tva1AQvoFYHh8ZmSCncTN/1h0QGMTjWVY4rVUVypk7p8axbFOUQWqpnKQ15Vee/
XfPavhd8d4ws/z0OOfMn5bLQt4c9UhWC8wbr74rt/TCkXVggx4HAUT4XHZItRkK4
8MxPZLCDxINedy1s5cpkgWFpptmqNbraf9iof2DXjQLQw1V+FABIDYXV1YxzGqc7
eWKPtpNTvhwBVYZ3PsEXIqnLTo2yrzit5/GQsk/MKgGFcJRYfK9/MqVkRWb0YNR+
tmt+H0y1TZXKm265EcryjvJ1jVJ7fylAtSbMGOW8OUHvLHTZfkzF2HZ7uhdy36RB
czEHt6WbfpZI783fjp6C3SnPNM3MJXd+UTWJN5uCaWaxWNols1mZI/Jn8M2GUDQH
TtwDDSwq/a+R63piVrvjLNJKglbjz/Km6j/Nz/VUY9B07+Ih+dPhNKOB62fl0DTW
QL8T/nDXlV4Z/IXq5Q1M
=5p2O
-----END PGP SIGNATURE-----

Re: [dm-crypt] please HELP - can't acces encrypted LVM after linux reinstallation.

[Jonas Meurer]

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Hey Quentin,

Am 31.10.2011 09:47, schrieb Quentin Lefebvre:
> Indeed, it seems that improvements can be done for the Debian
> installer to better handle crypto disks and partitions. With the
> little experience I have about using encrypted partitions with
> LUKS/cryptsetup under/over LVM, I would not have tried to attach an
> existing encrypted device through the installer menu, as I know
> pretty well that few scenarios are handled at this point. 
> Hopelessly, what you had to do in your case was to switch to a
> console to make changes by hand or, if you could, wait for the
> reboot of your fresh install to edit the system files and mount old
> volumes this way.
> 
> I agree on the point you mention, i.e. encryption could be better 
> integrated in the installer so that assisted mounting of old
> encrypted partitions becomes possible. [...] I would be happy to
> help Debian developers regarding this kind of install, but I have
> always delayed the moment I contact them. If you are planning to do
> so, I would be interested to be included in the discussion and give
> my feedback too.

I'm pretty sure that help with cryptsetup integration into the Debian
Installer (D-I) is highly appreciated by the current D-I developers.

As a starting point, you might want to check the following resources:

request for support to integrate existing encrypted devices in D-I:
	http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=451535

slighly outdated wiki page about cryptsetup integration to D-I:
	http://wiki.debian.org/DebianInstaller/PartmanCrypto

git repository with partman-crypto code:
	http://anonscm.debian.org/gitweb/?p=d-i/partman-crypto.git

Greetings,
 jonas
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.11 (GNU/Linux)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org/

iQIcBAEBAgAGBQJOryeYAAoJEFJi5/9JEEn+kRQP/0rYn8A/0w0PKJ7bCbkIxyC4
xh6QWG1quFCWiWXSQMqidWrXNv9Ht2TeJ58MMn/jk/rWJV8ZE7SGkkGW5h1Lf09m
bjPqd9GRajzWLtZC7GCx5EigaNdoCtrXA4qmwDVDf8S+0KpxWZVi5tmz9CB9tUp6
V4qK5Iti2v8mH+rNktlv2sQRDfmXr0fe0+LLVTk9VmKzgn3blQ6jd51VI+XtcjK6
Uw/Tr525KlL5iPjZy7DDEJ4P+36774Euc5VmZiDahdrnzwV6oeUzIjLTLwe4KEYQ
SDVu7T8eTaCY34c9KLAr1kCg0b8TzH4GSP2JXRkK6jGpYgzgTSFlHzi+OcTsiZ26
JZKGth6vs9IILpysCqGb53KyrVaKGAG2rVe8FdOtitYm2xOpLdNPHVs9x2XP0lFN
sqo4o6cRIWBsz8RIdU6ma6pPphWBEUZqsHzLqEHqEpZN2iA3RE7Kp/RyEsnSSdz5
ra6t1So9LX+6FaxrHf6u2ZzcZ7SJB5+p54HYxgKCoXXZ/g8X95Z7PlaOBSBkvN2c
uzleQ+2PCf+002CI+UcK9hmWsp6KxzZsTagilVFDFg+66c7IDfo5xK2acquq9a3l
OujoEfOyShjo9CdMMMBlSki4V8Kn9BFfk4m0g594fJ9DkJwVl9PMSESw4CJbWuCl
YaOA82xNdVhHO0ESful+
=GPw5
-----END PGP SIGNATURE-----

Re: [dm-crypt] please HELP - can't acces encrypted LVM after linux reinstallation.

[Claudio Moretti]

[-- Attachment #1: Type: text/plain, Size: 2584 bytes --]

> I don't suggest to hide the backup header. In fact the exact place of
> it should be obvious (either fixed, or better: random but written to
> the first header). Thus the second header is as obvious as the first
> one. Only difference: it's not at the beginning of the device.
> Unfortunately the first sectors of a device are overwritten much more
> often than later sectors.
>
>
AFAIK, the LUKS header is not on the beginning of the partition, but it's
distributed in it; there's a piece of it at the beginning (the "0x0A L U K
S" part) but the rest is not there (because of anti-forensic stuff).. That
said, if you overwrite the beginning of the disk (or it gets corrupted) you
damage data that cannot be reconstructed, so you lose access to the disk.


> I see that a backup header - which for sure needs to be overwritten by
> new luksFormat - wouldn't prevent accidents like the one explained in
> the first message to this thread. Only in cases where people
> accidently overwrite the first sectors of a luks device, this kind of
> backup header could prevent data loss.
>

True, and that can be done: the header is not big, so there should be no
problem in doing this. But if I'm right, and the header is in a
unknown-but-reconstructable position (i.e. with the right passphrase, you
access the right positions for keyslots/master key), doing so would expose
the entire header: one simply has to look for identical data on the disk
(if your header is - for example - "0x0123456789abcdef", an attacker that
finds two occurrences of "0x0123456789abcdef" on the disk may assume that
this is your header) and your anti-forensic measures are gone.
Also, suppose you have something really really secret on your LUKS disk, so
secret that you'd rather lose it than admitting you have it; if you don't
have a header backup on the disk, you should simply overwrite something
like 1KB of data on your disk (and running dd if=/dev/urandom of=/dev/sdX
ensures you can do it instantly: no way one can stop it in time) and you're
safe. If there's a header backup somewhere, and you don't know where, how
can you do it? dd-ing the entire disk takes hours, even with a "small" one
(80GB?)..
Better idea is: you advise your users to backup their header (like
Truecrypt does with its "boot rescue disk" or something) and you provide a
stupid-proof procedure to do it (like modifying partman in every
distribution to be able to create a header backup on an external disk or
something..
But that's something that should be done from distribution mantainers, not
from cryptsetup itself.

Claudio

[-- Attachment #2: Type: text/html, Size: 3084 bytes --]

Re: [dm-crypt] please HELP - can't acces encrypted LVM after linux reinstallation.

[Arno Wagner]

On Mon, Oct 31, 2011 at 11:17:57PM +0100, Jonas Meurer wrote:
> Am 31.10.2011 08:18, schrieb Arno Wagner:
> > In addition, any kind of automatic header backup breaks the LUKS
> > security model and needs to come with a very clear warning if
> > automatized (as in an installer). The problem is that old
> > passphrases will be stored and will survive deletion in the active
> > LUKS header. That is not good at all.
> 
> While I agree with you, that cryptsetup already does a lot to prevent
> data (i.e. header) loss, I don't see a reason why (optional) header
> backup at some random place on the device would be such a big security
> problem.

And here is the problem. If it is optional, it will not help
in a careless installer. A fareful installer can offer to do 
a backup already, using "cryptsetup luksHeaderBackup". It can
also check whether something is a LUKS device via 
"cryptsetup isLuks". 

I really don't think this is a cryptsetup issue, excapt maybe
that the documentation (mostly the FAQ and man-page) could 
warn more. But I think looking into the FAQ is non-optional
and I have no idea how to make the warnings even clearer.
Especially somebody doing an installer that can do LUKS
should read the FAQ!

> For sure the exact place of backup header would be stored in the first
> header, and any cryptsetup action which changes/whipes (parts of) the
> header, would need to do this for the backup header as well.
> 
> Overwriting the first kbytes of device would no longer be sufficient.
> Instead overwriting the header would require to actually overwrite
> both first and backup header. But that's the only drawback I can see
> so far.
> 
> I guess that I missed something important.

In principle that could work. However there is good reason to place
the header at the start, so the backup would need to go right after 
it. This would decrease LUKS anti-forensic strength. In order to
keep passphrases secure, both headers would always need to be 
synchronized. This would make things perceptibly slower. Usability
(and speed) is very important in cryptographic tools, after all
a tool that is not used because people do not like it can never
offer any security improvement.

Then there are the ways people damage their header. One is putting 
a FAT filesystem on top. Now, say your FAT filesystem is 4GB in
FAT32. Then clsuter size would be 4kB, i.e. around 1'000'000 clusters.
This givesd a size of the actual FAT table of 4MB which is stored twice,
i.e. 8MB. The LUKS header is 1MB (or 2MB with xts). So the
FAT table gets wiped together with its backup. 

Another option would be to place the header at the end of the 
device. But this would be problematic for several reasons. One
is that it is certainly a bad idea to replicate the incredible
mess the md people have made with their headers. An other is that 
fast header wiping becomes hard. A third is that device resizing 
becomes hard. And a fourth is that suddenly LUKS would need to 
know about device sizes.

The other thing is that all this would not help for the installer 
problem, as an installer would definitely need to wipe the backup 
as well on creating a new LUKS container. For an installer, the 
only real solution is to clearly warn the user and possibly do that
header backup inless the user explicitely says no. And, as said 
above, it is easy to detect whether there is already a LUKS 
container on a device.

At this time the FAQ even has a warning at the beginning that some
installers are not clear enough on what they are doing. I guess
somebody wanting to be careful when creating an installer has
all the help needed (and can definitely ask here as well!). Somebody
that does not care or does not see the problem will manage to
botch it anyways and there is not really anything cryptsetup can do.

Arno
-- 
Arno Wagner, Dr. sc. techn., Dipl. Inform., CISSP -- Email: arno@wagner.name 
GnuPG:  ID: 1E25338F  FP: 0C30 5782 9D93 F785 E79C  0296 797F 6B50 1E25 338F
----
Cuddly UI's are the manifestation of wishful thinking. -- Dylan Evans

If it's in the news, don't worry about it.  The very definition of 
"news" is "something that hardly ever happens." -- Bruce Schneier 

Re: [dm-crypt] please HELP - can't acces encrypted LVM after linux reinstallation.

[Arno Wagner]

On Mon, Oct 31, 2011 at 11:48:13PM +0100, Jonas Meurer wrote:
[...]
> I don't suggest to hide the backup header. In fact the exact place of
> it should be obvious (either fixed, or better: random but written to
> the first header). 

I don't think random is doable. After all, people may want to put
a filesystem in there. Or not. You cannot just use some of that
space the layer above expects to be at its disposal. There is really
only one place to put a backup: Right after the first header and
keyslot area, everything else breaks proper layering. And that does 
not really help.

Arno
-- 
Arno Wagner, Dr. sc. techn., Dipl. Inform., CISSP -- Email: arno@wagner.name 
GnuPG:  ID: 1E25338F  FP: 0C30 5782 9D93 F785 E79C  0296 797F 6B50 1E25 338F
----
Cuddly UI's are the manifestation of wishful thinking. -- Dylan Evans

If it's in the news, don't worry about it.  The very definition of 
"news" is "something that hardly ever happens." -- Bruce Schneier 

Re: [dm-crypt] please HELP - can't acces encrypted LVM after linux reinstallation.

[Arno Wagner]

On Tue, Nov 01, 2011 at 12:46:57AM +0100, Claudio Moretti wrote:
> > I don't suggest to hide the backup header. In fact the exact place of
> > it should be obvious (either fixed, or better: random but written to
> > the first header). Thus the second header is as obvious as the first
> > one. Only difference: it's not at the beginning of the device.
> > Unfortunately the first sectors of a device are overwritten much more
> > often than later sectors.
> >
> >
> AFAIK, the LUKS header is not on the beginning of the partition, but it's
> distributed in it; there's a piece of it at the beginning (the "0x0A L U K
> S" part) but the rest is not there (because of anti-forensic stuff).. That
> said, if you overwrite the beginning of the disk (or it gets corrupted) you
> damage data that cannot be reconstructed, so you lose access to the disk.

Ah, no. There is a bit of padding between header and keyslots (and
between the keyslots), but besides that the whole structire is at
the start of the device. Higly recoomended: FAQ entry "What does the 
on-disk structure of LUKS look like?" in FAQ section 6.
 
> > I see that a backup header - which for sure needs to be overwritten by
> > new luksFormat - wouldn't prevent accidents like the one explained in
> > the first message to this thread. Only in cases where people
> > accidently overwrite the first sectors of a luks device, this kind of
> > backup header could prevent data loss.
> >
> 
> True, and that can be done: the header is not big, so there should be no
> problem in doing this. But if I'm right, and the header is in a
> unknown-but-reconstructable position (i.e. with the right passphrase, you
> access the right positions for keyslots/master key), doing so would expose
> the entire header: one simply has to look for identical data on the disk
> (if your header is - for example - "0x0123456789abcdef", an attacker that
> finds two occurrences of "0x0123456789abcdef" on the disk may assume that
> this is your header) and your anti-forensic measures are gone.

Sorry, but no. See above. Placing the header in a non-static location
would not even hide it. Encrypted data is pretty easy to identify.

> Also, suppose you have something really really secret on your LUKS disk, so
> secret that you'd rather lose it than admitting you have it; if you don't
> have a header backup on the disk, you should simply overwrite something
> like 1KB of data on your disk (and running dd if=/dev/urandom of=/dev/sdX
> ensures you can do it instantly: no way one can stop it in time) and you're
> safe. If there's a header backup somewhere, and you don't know where, how
> can you do it? dd-ing the entire disk takes hours, even with a "small" one
> (80GB?)..

That is indeed a concern. However for "really, really secret" better
use plain dm-crypt. Although "plausible deniability" sounds nice in
theory, it does not really work in practice. 
See FAQ and http://xkcd.com/538/

> Better idea is: you advise your users to backup their header (like
> Truecrypt does with its "boot rescue disk" or something) and you provide a
> stupid-proof procedure to do it (like modifying partman in every
> distribution to be able to create a header backup on an external disk or
> something..
> But that's something that should be done from distribution mantainers, not
> from cryptsetup itself.

I don't know what a distribution installer should do, but if it is
LUKS aware, it should check every partition to be written to for a 
present LUKS header before and warn very, very clearly that no, the
LUKS header is not going to be "activated", it is going to be killed!

The Ubuntu people had that problem already (no idea whether it is 
fixed by now) and now something similar in Debian. I do not even 
stricly see the installer people at fault. It seems people are very 
much used to software doing things right "automagically" these
days and mentally map "LUKS header creation" not to "disaster" but 
to "my existing LUKS container is to be included into the distros 
automation". When in a hurry/tired/distracted, this then leads 
to said disaster. 

The fix is a very clear question "Do you rally want to LOSE ALL 
DATA in the LUKS container?" to be answered, e.g., with an uppercase 
"YES" as cryptsetup does it.

Arno
-- 
Arno Wagner, Dr. sc. techn., Dipl. Inform., CISSP -- Email: arno@wagner.name 
GnuPG:  ID: 1E25338F  FP: 0C30 5782 9D93 F785 E79C  0296 797F 6B50 1E25 338F
----
Cuddly UI's are the manifestation of wishful thinking. -- Dylan Evans

If it's in the news, don't worry about it.  The very definition of 
"news" is "something that hardly ever happens." -- Bruce Schneier