Known PW stopped working... LUKS header damaged?

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 

Is there any way to check the LUKS header integrity?
On a server system running a RAID5 with LUKS + dm-crypt on top I rebooted after ~6 months uptime and a bunch of updates on applicatoins and kernel. After the reboot the LUKS Password used so far does not work any more. 

All I get is:

Failed to setup dm-crypt key mapping.
Check kernel for support for the aes-lrw-benbi cipher spec and verify that /dev/md0 contains at least 514 sectors. 
Failed to read from key storage
Command failed: No key available with this passphrase.
The checks on http://www.saout.de/tikiwiki/tiki-index.php?page=LUKSFaq seem OK. 

Also cryptsetup luksDump comes back with the normal...

LUKS header information for /dev/md0

Version:        1
Cipher name:    aes
Cipher mode:    lrw-benbi
Hash spec:      sha1
Payload offset: 2056
MK bits:        256
MK digest:      81 17 f1 62 4e 91 72 7b 12 47 a4 23 b6 79 83 af de b9 20 ed
MK salt:        e7 85 b6 47 68 e3 84 19 a5 23 b7 01 01 a8 c9 e9
               63 d2 d6 01 57 49 57 99 50 71 0a fd a0 8b e9 9c
MK iterations:  10
UUID:           dddf1765-7980-4698-9c9b-af508360f9e4

Key Slot 0: DISABLED
Key Slot 1: ENABLED
       Iterations:             303308
Salt: 37 25 57 e0 e2 e4 05 c9 40 9c c7 bc 90 25 f4 2e 98 11 92 7e 0c c3 65 2a 39 17 90 06 5d 07 7c 72 
       Key material offset:    264
       AF stripes:             4000
Key Slot 2: DISABLED
Key Slot 3: DISABLED
Key Slot 4: DISABLED
Key Slot 5: DISABLED
Key Slot 6: DISABLED
Key Slot 7: DISABLED
As I am pretty sure of the Password and I am the only one with acces to the machine I suppose the header got damaged somehow. 
I also tried to boot of some live distros but got the same results...
The passphrase is >32 byte and contains special characters.
Is there some type of checksum implemented to check the LUKS header integrity? Have there been changes in cryptsetup or dm-crypt which might affect a working Password to stop working? 
Any other ideas on how to recover the data?

I would appreciate any suggestionons.
Best regards,
  Rolf Schroeder

---------------------------------------------------------------------
dm-crypt mailing list - http://www.saout.de/misc/dm-crypt/
To unsubscribe, e-mail: dm-crypt-unsubscribe@xxxxxxxx
For additional commands, e-mail: dm-crypt-help@xxxxxxxx
[Index of Archives]     [Device Mapper Devel]     [Fedora Desktop]     [ATA RAID]     [Fedora Marketing]     [Fedora Packaging]     [Fedora SELinux]     [Yosemite News]     [KDE Users]     [Fedora Tools]     [Fedora Docs]

  Powered by Linux