On Wed, Jul 26, 2006 at 12:21:09AM -0500, Default User wrote:
> Thank you in advance for your time.
>
> We are currently using dmcrypt to store data for some financial and medical
> information. Recently, the administrator maintaining the drives has left
> the company, and we are unable to reach him. The host OS has crashed, and
> while we have successfully installed a new linux OS, we are unable to mount
> the drives. Our experience with linux is somewhat limited, so this may be a
> simple oversight, or it may be something just impossible - but is it at all
> feasible to retrieve the data from these drives on our new OS (knowing the
> passwords, of course).
It is not impossible. You can reliably use dm-crypt-ed devices
on other Linux installations, provided that you
- have dm-crypt in the other kernel
- have the cipher used in the other kernel
(I think the hash need not be in the kernel)
- Have new enough tools and libs
> I've installed the requisite packages, but when I attempt to `cryptsetup
> create name /dev/device` I get the error "Command failed: Invalid argument".
That is not a password error. I don't know what causes the error,
but maybe your cryptsetup is a bit old? Or you do not have the
/dev/mapper directory? Or you are attemting this not as root?
Maybe you should to a cross-check: Put the disk with the
valuable data away and make sure dm-crypt is working.
You can do a
cryptsetup <target> create <some partition or device>
and the key does not need to match or in fact the device does
not neet to be encrypted. (Of course you cannot read it then
in a meaningful way, but you can set it up.)
It should
a) create a special file /dev/mapper/<target>
b) ask you for the passphrase
Once you have reached this stage, you can be reasonably sure that
cryptsetup works or that your original problem is caused
by too old software and/or libraries.
In the first case try with the original disk again.
BTW, you might want to make a backup of the encrypted disk with
a sector-imager before proceeding, just to be sure.
> I'm running cryptsetup-0.1, device-mapper-1.02.08, libgcrypt-1.2.2, and
> libgpg-error-1.3. Other than the host OS drive and some memory, the
> hardware is identical, so I'm running the kernel configuration that was used
> before (and I've checked for requirements just to be sure).
Does not matter. The hardware can be entirely different.
> Please tell me I'm not at a complete loss here.
I think this is some minor issue, that is just not readily obvious.
Arno
--
Arno Wagner, Dipl. Inform., CISSP --- CSG, ETH Zurich, wagner@xxxxxxxxxxxxxx
GnuPG: ID: 1E25338F FP: 0C30 5782 9D93 F785 E79C 0296 797F 6B50 1E25 338F
----
Cuddly UI's are the manifestation of wishful thinking. -- Dylan Evans
Windows is the "under-3" toy of the OS world. -- Matthew D. Fuller
---------------------------------------------------------------------
- http://www.saout.de/misc/dm-crypt/
To unsubscribe, e-mail: dm-crypt-unsubscribe@xxxxxxxx
For additional commands, e-mail: dm-crypt-help@xxxxxxxx
