Now that I know all this, I consider the LUKS format fundamentally flawed to data corruption. A single bit flip invalidates your key. cryptsetup should point that out this and suggest using at least two keyslots, just for precaution from data corruption. A second copy of the LUKS header would also be of great help here.
Fatality ...
On Thu, Jun 3, 2010 at 6:51 PM, Milan Broz <mbroz@xxxxxxxxxx> wrote:
On 06/03/2010 05:32 PM, Panagiotis Malakoudis wrote:If any part of the used keyslot (which is located after visible header,
> I have a luks partition which was corrupted by failed disk i/o.
> Examining the partition, the first 512 bytes of the LUKS header is
> correct, then there is a corruption which I am not really sure how many
> sectors affected. Giving the correct key always returns: "No key
> available with this passphrase.". Since the first 512 bytes are correct,
> I guess all key information is unharmed. Is there a way to decrypt the
> partition, even loosing some sectors of data?
- in you case starting at sector 8 to sector 264 (hope I calculated it properly),
is modified or lost, you lost that keyslot completely.
Because you have only one active keyslot, you probably lost the whole disk:-(
(Only backup of this keyslot area can help here.)
Milan
_______________________________________________ dm-crypt mailing list dm-crypt@xxxxxxxx http://www.saout.de/mailman/listinfo/dm-crypt
