Re: Is partial LUKS recovery possible?

Hi Miklos,

the salt is key-grade material, so without salt, you are
about in the same situation as you are without master key.
Basically everything in the header can be re-created but
the salt, and therefore recovery without header is not possible.

It is not that intuitive, but salting itself is not intuitive
at first glance. Salts only work if they are non-predictable
and that is just the condition that a key must fulfill.

So, sorry, but without header backup your data is gone and
that is by design. Hopefully these disasters will get 
less frequent now that the FAQ is part of the cryptsetup
distribution.

I think I will add an explanation to the FAQ about what 
a salt is and how it is integrated in LUKS. This will
hopefully make things even clearer.

Regards,
Arno



On Thu, Dec 02, 2010 at 01:15:52PM +0100, Miklos Bagi wrote:
> Apologies for replying to my own post.
> 
> I believe I found the not so happy answer for me in Dr. Wagner's monthly
> FAQ.
> 
> Is it possible to provide salt manually?
> Implementing a simple logic may allow re-generating the original header
> in case something bad happens, but I admit it makes sense keeping
> backups of lhdrs somewhere safe.
> 
> Thanks,
> Miklos
> 
> On 12/02/2010 11:28 AM, Miklos Bagi wrote:
> > Hi all,
> >
> > I'm hoping to get directions with a 'small' recovery task.
> >
> > Given a partition that's known to be a broken LUKS one, lhdr is missing
> > (incl magic, cipher, hash, uuid, etc.), however there are some facts known:
> > - cipher: aes-cbc-essiv:sha256
> > - keysize: 256 bits
> > - offset: 2056 sectors
> > - most importantly: we have the master key file available.
> >
> > I have the suspicion that the first approx 10% of the partition have
> > been overwritten with random data.
> > What are the chances of recovering any data in the given scenario?
> >
> > Thanks in advance,
> > mB
> >
> 
> _______________________________________________
> dm-crypt mailing list
> dm-crypt@xxxxxxxx
> http://www.saout.de/mailman/listinfo/dm-crypt
> 

-- 
Arno Wagner, Dr. sc. techn., Dipl. Inform., CISSP -- Email: arno@xxxxxxxxxxx 
GnuPG:  ID: 1E25338F  FP: 0C30 5782 9D93 F785 E79C  0296 797F 6B50 1E25 338F
----
Cuddly UI's are the manifestation of wishful thinking. -- Dylan Evans

If it's in the news, don't worry about it.  The very definition of 
"news" is "something that hardly ever happens." -- Bruce Schneier 
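
Added example, not part of the original message and not cryptsetup code: a simplified Python model of a LUKS1-style keyslot, showing why a header re-created with the same passphrase but a fresh salt no longer unlocks the stored key material. The function names, the XOR stand-in for AES and anti-forensic splitting, and the low iteration count are assumptions of this sketch.

```python
import hashlib
import hmac
import os

ITER = 1000  # kept low so the sketch runs fast; real headers store a far larger count

def kdf(secret: bytes, salt: bytes, n: int) -> bytes:
    """PBKDF2 stretch of `secret` with `salt` to n bytes."""
    return hashlib.pbkdf2_hmac("sha256", secret, salt, ITER, dklen=n)

def xor(a: bytes, b: bytes) -> bytes:
    # Stand-in for the AES encryption + AF splitting of the keyslot area.
    return bytes(x ^ y for x, y in zip(a, b))

def format_header(passphrase: bytes, master_key: bytes) -> dict:
    """Build a model header: random salts, wrapped master key, master-key digest."""
    slot_salt, digest_salt = os.urandom(32), os.urandom(32)
    return {
        "slot_salt": slot_salt,
        "slot_blob": xor(master_key, kdf(passphrase, slot_salt, len(master_key))),
        "digest_salt": digest_salt,
        "mk_digest": kdf(master_key, digest_salt, 20),
    }

def unlock(header: dict, passphrase: bytes):
    """Return the master key if passphrase and salt match, else None."""
    blob = header["slot_blob"]
    candidate = xor(blob, kdf(passphrase, header["slot_salt"], len(blob)))
    check = kdf(candidate, header["digest_salt"], 20)
    return candidate if hmac.compare_digest(check, header["mk_digest"]) else None

def demo():
    passphrase = b"correct horse battery staple"  # constructed sample value
    master_key = os.urandom(32)
    header = format_header(passphrase, master_key)
    backup = dict(header)                    # the header backup
    header["slot_salt"] = os.urandom(32)     # header rewritten: original salt is gone
    lost = unlock(header, passphrase)        # right passphrase, wrong salt
    restored = unlock(backup, passphrase) == master_key
    return lost, restored

if __name__ == "__main__":
    lost, restored = demo()
    print("unlock with regenerated salt:", lost)
    print("unlock from header backup succeeds:", restored)
```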