Arno,
Thank you for your prompt reply. Unfortunately, I've not had any success.
Please see below. I've googled for almost the entire night, and haven't
been able to find anything that sets off any flags that meet the conditions
of my system for why this isn't working.
Thank you in advance for your time.
>
> We are currently using dmcrypt to store data for some financial and
medical
> information. Recently, the administrator maintaining the drives has
left
> the company, and we are unable to reach him. The host OS has crashed,
and
> while we have successfully installed a new linux OS, we are unable to
mount
> the drives. Our experience with linux is somewhat limited, so this may
be a
> simple oversight, or it may be something just impossible - but is it at
all
> feasible to retrieve the data from these drives on our new OS (knowing
the
> passwords, of course).
It is not impossible. You can reliably use dm-crypt-ed devices
on other Linux installations, provided that you
- have dm-crypt in the other kernel
- have the cipher used in the other kernel
(I think the hash need not be in the kernel)
- Have new enough tools and libs
dm-crypt is enabled in the kernel, as is the cipher used.
I've removed the old packages, and reinstalled in the following order, the
packages below:
devmapper-1.02.07.orig, libgpg-error-1.3, libgcrypt-1.2.2, and
cryptsetup-0.1
The only configuration I've given to these packages is --prefix.
I've installed the requisite packages, but when I attempt to `cryptsetup
> create name /dev/device` I get the error "Command failed: Invalid
argument".
That is not a password error. I don't know what causes the error,
but maybe your cryptsetup is a bit old? Or you do not have the
/dev/mapper directory? Or you are attemting this not as root?
/dev/mapper exists, as does console inside of it.
I am running as root. I've also tested this on a spare partition, and
receive the same result.
Any other ideas, per chance? I appreciate your help.
Maybe you should to a cross-check: Put the disk with the
valuable data away and make sure dm-crypt is working.
You can do a
cryptsetup <target> create <some partition or device>
and the key does not need to match or in fact the device does
not neet to be encrypted. (Of course you cannot read it then
in a meaningful way, but you can set it up.)
It should
a) create a special file /dev/mapper/<target>
b) ask you for the passphrase
Once you have reached this stage, you can be reasonably sure that
cryptsetup works or that your original problem is caused
by too old software and/or libraries.
In the first case try with the original disk again.
BTW, you might want to make a backup of the encrypted disk with
a sector-imager before proceeding, just to be sure.
> I'm running cryptsetup-0.1, device-mapper-1.02.08, libgcrypt-1.2.2, and
> libgpg-error-1.3. Other than the host OS drive and some memory, the
> hardware is identical, so I'm running the kernel configuration that was
used
> before (and I've checked for requirements just to be sure).
Does not matter. The hardware can be entirely different.
> Please tell me I'm not at a complete loss here.
I think this is some minor issue, that is just not readily obvious.
Arno
--
Arno Wagner, Dipl. Inform., CISSP --- CSG, ETH Zurich,
wagner@xxxxxxxxxxxxxx
GnuPG: ID: 1E25338F FP: 0C30 5782 9D93 F785 E79C 0296 797F 6B50 1E25
338F
----
Cuddly UI's are the manifestation of wishful thinking. -- Dylan Evans
Windows is the "under-3" toy of the OS world. -- Matthew D. Fuller
---------------------------------------------------------------------
- http://www.saout.de/misc/dm-crypt/
To unsubscribe, e-mail: dm-crypt-unsubscribe@xxxxxxxx
For additional commands, e-mail: dm-crypt-help@xxxxxxxx
