Jan Lühr wrote:
> I accidentally deleted my loop-aes-keyfile (ironically it happened while
> backing it up)
> However, all loopdevices are mounted at the moment.
> Is there a way to restore my keyfile using the keys loaded into ram?

Encryption keys that are in kernel ram were hashed using one way hash and
are kept in expanded form. Unlike mainline cryptoloop, loop-AES
intentionally does not return the keys using an ioctl() call. Someone would
need to write a new kernel module to extract the data.

Plan A
~~~~~~
- Back up your data
- Re-create the file system with new key file
- Restore from backup

Plan B
~~~~~~
- This only works for non-root file systems
- Edit /etc/mtab and remove loop mount option from old line:

    /dev/hda7 /mnt ext2 rw,loop=/dev/loop0,gpgkey=/root/test1.gpg,encryption=AES128 0 0
    ^^^^^^^^^             ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^

  so that new line looks like this:

    /dev/loop0 /mnt ext2 rw 0 0
    ^^^^^^^^^^

- When umount program reads above /etc/mtab line, it does not find 'loop'
  mount option there, and umount program will not automatically detach loop
  device from backing partition, /dev/hda7 in above example.
- Unmount the file system using the _loop_ device, like this:

    umount /dev/loop0

- Create new key file, like this:

    head -c 2925 /dev/random | uuencode -m - | head -n 66 | tail -n 65 \
        | gpg --symmetric -a >/root/test2.gpg

- Attach second loop device to same partition, like this:

    losetup -e AES128 -K /root/test2.gpg /dev/loop1 /dev/hda7

- Now you should have two loop devices to same partition, /dev/loop0 using
  old keys, and /dev/loop1 using new keys.
- Now re-encrypt that partition using 'dd' command reading from loop device
  with old keys and writing to loop device with new keys, like this:

    dd if=/dev/loop0 of=/dev/loop1 bs=1024k conv=notrunc

- And finally detach both loop devices from partition:

    losetup -d /dev/loop0
    losetup -d /dev/loop1

- Now you have new key file, and partition encrypted using keys from that
  new key file.

--
Jari Ruusu  1024R/3A220F51 5B 4B F9 BB D3 3F 52 E9  DB 1D EB E3 24 0E A9 DD

-
Linux-crypto:  cryptography in and on the Linux system
Archive:       http://mail.nl.linux.org/linux-crypto/
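
The /etc/mtab edit from Plan B, as an added shell example that is not part of the original post. The function names are hypothetical; it strips only the three options shown in the post (loop=, gpgkey=, encryption=) and assumes "defaults" as the fallback when no other option remains.

```sh
#!/bin/sh
# Added example (not from the original post): the /etc/mtab edit from Plan B.
# mtab fields: device  mountpoint  fstype  options  dump  pass

# rewrite_mtab_line LINE
# Prints LINE with the loop-setup options removed and the backing device
# replaced by the loop device, so that umount finds no 'loop' option and
# leaves the loop device attached. Lines without a loop=<device> option
# are printed unchanged.
rewrite_mtab_line() {
    printf '%s\n' "$1" | awk '
    {
        n = split($4, opts, ",")
        loopdev = ""
        kept = ""
        for (i = 1; i <= n; i++) {
            if (opts[i] ~ /^loop=/) {
                loopdev = substr(opts[i], 6)   # text after "loop="
                continue
            }
            # Only the options shown in the post are stripped (assumption:
            # no other loop-related options are present on the line).
            if (opts[i] ~ /^(gpgkey|encryption)=/) continue
            kept = (kept == "" ? opts[i] : kept "," opts[i])
        }
        if (loopdev != "") {
            $1 = loopdev
            # Assumption: fall back to "defaults" if nothing else remains.
            $4 = (kept == "" ? "defaults" : kept)
        }
        print
    }'
}

# rewrite_mtab FILE
# Applies the rewrite to every line of FILE and prints the result on
# stdout; FILE itself is never modified.
rewrite_mtab() {
    while IFS= read -r line; do
        rewrite_mtab_line "$line"
    done < "$1"
}
```

Write the output of rewrite_mtab to a temporary file and compare it with /etc/mtab before replacing anything. On systems where /etc/mtab is a symlink into /proc the file cannot be edited, so this step does not apply there.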