One idea. I have the same passphrase on first correctly working drive. Can I dump keyslot data from it and put it to this wiped out one? On Mon, Sep 28, 2009 at 7:33 PM, anton ivanov <run.into.flowers@xxxxxxxxx> wrote: > Thanks Milan, > > yes swap records begin at > > 0000400: 0100 0000 ffff 0700 0000 0000 0000 0000 ................ > 0000410: 0000 0000 0000 0000 0000 0000 5357 4150 ............SWAP > 0000420: 2d73 6463 3100 0000 0000 0000 0000 0000 -sdc1........... > 0000430: 0000 0000 0000 0000 0000 0000 0000 0000 ................ > 0000440: 0000 0000 0000 0000 0000 0000 0000 0000 ................ > > while at normally functionin /dev/sda1 i have there is: > > 0000400: 5841 4749 0000 0001 0000 0000 02b9 53e9 XAGI..........S. > 0000410: 0000 0040 0000 0003 0000 0001 0000 0039 ...@...........9 > 0000420: 0004 4780 ffff ffff ffff ffff ffff ffff ..G............. > 0000430: ffff ffff ffff ffff ffff ffff ffff ffff ................ > > So bad luck for me. Thank you for your help. > > On Mon, Sep 28, 2009 at 6:03 PM, Milan Broz <mbroz@xxxxxxxxxx> wrote: >> Jonas Meurer wrote: >>> On 28/09/2009 anton ivanov wrote: >>> i don't know redhat cryptsetup management, but maybe a swap filesystem >>> was created (mkswap) on the disk in question? in that case, the luks >>> and/or raid headers might have been overwritten ... >> >> IIRC mkswap in 5.3 do not overwrite first two sectors (so visible LUKS >> header is intact) but it probably overwrites part of the first keyslot area. >> (I think this changed in new version, there mkswap wipe first 4k.) >> >> If this happens, you are out of luck - it will detect LUKS header but >> keyslot is lost and unusable. >> >> (Unfortunately other keyslots are unused, so you cannot use other passphrase.) >> >>> Just curious maybe there is some cryptsetup ability to recover >>> partition table on disk without luksFormat but using already stored >>> metadata on the drive. >> >> You must first decrypt the data, then you can search in them. Data offset >> is known - see LUKS dump and payload offset (in sectors). But without >> master key (iow without valid kesylot) you cannot decrypt it anyway. >> >> Milan >> >> _______________________________________________ >> dm-crypt mailing list >> dm-crypt@xxxxxxxx >> http://www.saout.de/mailman/listinfo/dm-crypt >> > > > > -- > ai. > > http://biwwy.com/ > last.fm: littlewizard > -- ai. http://biwwy.com/ last.fm: littlewizard _______________________________________________ dm-crypt mailing list dm-crypt@xxxxxxxx http://www.saout.de/mailman/listinfo/dm-crypt
