Re: luks partition table altered by linux-swap

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 

Thanks Milan,

yes swap records begin at

0000400: 0100 0000 ffff 0700 0000 0000 0000 0000  ................
0000410: 0000 0000 0000 0000 0000 0000 5357 4150  ............SWAP
0000420: 2d73 6463 3100 0000 0000 0000 0000 0000  -sdc1...........
0000430: 0000 0000 0000 0000 0000 0000 0000 0000  ................
0000440: 0000 0000 0000 0000 0000 0000 0000 0000  ................

while at normally functionin /dev/sda1 i have there is:

0000400: 5841 4749 0000 0001 0000 0000 02b9 53e9  XAGI..........S.
0000410: 0000 0040 0000 0003 0000 0001 0000 0039  ...@...........9
0000420: 0004 4780 ffff ffff ffff ffff ffff ffff  ..G.............
0000430: ffff ffff ffff ffff ffff ffff ffff ffff  ................

So bad luck for me. Thank you for your help.

On Mon, Sep 28, 2009 at 6:03 PM, Milan Broz <mbroz@xxxxxxxxxx> wrote:
> Jonas Meurer wrote:
>> On 28/09/2009 anton ivanov wrote:
>> i don't know redhat cryptsetup management, but maybe a swap filesystem
>> was created (mkswap) on the disk in question? in that case, the luks
>> and/or raid headers might have been overwritten ...
>
> IIRC mkswap in 5.3 do not overwrite first two sectors (so visible LUKS
> header is intact) but it probably overwrites part of the first keyslot area.
> (I think this changed in new version, there mkswap wipe first 4k.)
>
> If this happens, you are out of luck - it will detect LUKS header but
> keyslot is lost and unusable.
>
> (Unfortunately other keyslots are unused, so you cannot use other passphrase.)
>
>> Just curious maybe there is some cryptsetup ability to recover
>> partition table on disk without luksFormat but using already stored
>> metadata on the drive.
>
> You must first decrypt the data, then you can search in them. Data offset
> is known - see LUKS dump and payload offset (in sectors). But without
> master key (iow without valid kesylot) you cannot decrypt it anyway.
>
> Milan
>
> _______________________________________________
> dm-crypt mailing list
> dm-crypt@xxxxxxxx
> http://www.saout.de/mailman/listinfo/dm-crypt
>



-- 
ai.

http://biwwy.com/
last.fm: littlewizard
_______________________________________________
dm-crypt mailing list
dm-crypt@xxxxxxxx
http://www.saout.de/mailman/listinfo/dm-crypt
[Index of Archives]     [Device Mapper Devel]     [Fedora Desktop]     [ATA RAID]     [Fedora Marketing]     [Fedora Packaging]     [Fedora SELinux]     [Yosemite News]     [KDE Users]     [Fedora Tools]     [Fedora Docs]

  Powered by Linux