Le 06/03/2010 01:12, Marek Stopka a écrit :
Hi guys, I have forgotten password to my luks encrypted disk, I have lost no data (yet :) ), because system is still running with unlocked device, but problem is, that I have a scheduled hardware maintanance window quite soon, so I was wondering is it somehow easily possible to luksAddKey without knowing a password or recover password from memory or it will be much more easier to copy those data somewhere else and create a new encrypted disk? It is like 12TB of data so I would really prefer not to copy those data somewhere else, but if I will have to, I can pull that off... But I am wondering since key need to be in a memory somewhere there could be a way... :)
You could probably launch a "hot cold boot attack" then.. I have no idea if luks/dmcrypt allows you to do it, but you could use that kind of tools: http://citp.princeton.edu/memory/code/ that were made to look for the key in RAM after a "cold boot".
I guess the code or the idea behind it will work even better on an alive system! Yet, maybe there is a simple way to do so using the standard tools..
Good luck, Gilou _______________________________________________ dm-crypt mailing list dm-crypt@xxxxxxxx http://www.saout.de/mailman/listinfo/dm-crypt
