Another corrupt luks header thread

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 

Hello everyone,
My lvm and luks header went corrupt last week because of a naive user and a possible faulty hw-raid controller. I believe the rest of the data is intact and I have an old luksDump from when I first created the volume.
The volume had one large LV, which was then encrypted with luks. I have other volumes with the same layout to compare with.
Since the lvm is also corrupt, I can only inspect the volume without the LV device. All data seems intact after 0x31000. After comparing the corrupt volume with a intact volume, I've noticed they both begin data at that position and the position inside the LV device is 0x1000.
I'm missing something like this inside the LV (taken from one of my intact LV devices: 00000000 4C 55 4B 53 BA BE 00 01 61 65 73 00 00 00 00 00 00 00 00 00 LUKS....aes......... 00000014 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 .................... 00000028 78 74 73 2D 70 6C 61 69 6E 00 00 00 00 00 00 00 00 00 00 00 xts-plain........... 0000003C 00 00 00 00 00 00 00 00 00 00 00 00 73 68 61 31 00 00 00 00 ............sha1.... 00000050 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 .................... 00000064 00 00 00 00 00 00 08 08 00 00 00 20 F4 8A 16 39 E5 12 8A BA ........... ...9.... 00000078 9B FC D5 B5 C8 BB 2B 13 7B 76 BF 35 55 D5 80 2E A8 0B 1F 66 ......+.{v.5U......f 0000008C 0A 07 F3 C1 81 CA FC 46 BB D6 13 F5 FB 12 81 C5 DA 57 6F 94 .......F.........Wo. 000000A0 04 B5 B9 CA 00 00 00 0A 66 61 32 32 38 64 63 66 2D 31 34 35 ........fa228dcf-145 000000B4 65 2D 34 38 35 32 2D 38 65 37 33 2D 39 30 38 35 62 37 61 33 e-4852-8e73-9085b7a3 000000C8 39 38 33 65 00 00 00 00 00 AC 71 F3 00 03 A7 03 6E 67 02 8D 983e......q.....ng.. 000000DC 96 F6 1A B2 36 31 5D 51 4B E1 3A 4C 84 23 D6 41 A5 1F EC 51 ....61]QK.:L.#.A...Q 000000F0 AB DF F5 4D B4 CD 8C E6 00 00 00 08 00 00 0F A0 00 00 DE AD ...M................ 00000104 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 .................... 00000118 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 01 08 .................... 0000012C 00 00 0F A0 00 00 DE AD 00 00 00 00 00 00 00 00 00 00 00 00 .................... 00000140 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 .................... 00000154 00 00 00 00 00 00 02 08 00 00 0F A0 00 00 DE AD 00 00 00 00 .................... 00000168 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 .................... 0000017C 00 00 00 00 00 00 00 00 00 00 00 00 00 00 03 08 00 00 0F A0 .................... 00000190 00 00 DE AD 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 .................... 000001A4 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 .................... 000001B8 00 00 04 08 00 00 0F A0 00 00 DE AD 00 00 00 00 00 00 00 00 .................... 000001CC 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 .................... 000001E0 00 00 00 00 00 00 00 00 00 00 05 08 00 00 0F A0 00 00 DE AD .................... 000001F4 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 .................... 00000208 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 06 08 .................... 0000021C 00 00 0F A0 00 00 DE AD 00 00 00 00 00 00 00 00 00 00 00 00 .................... 00000230 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 .................... 00000244 00 00 00 00 00 00 07 08 00 00 0F A0 00 00 00 00 00 00 00 00 .................... 

Old luksDump from my corrupt LV:

LUKS header information for /dev/mapper/lv02a-lv02a

Version:           1
Cipher name:       aes
Cipher mode:       xts-plain
Hash spec:         sha1
Payload offset:    2056
MK bits:           256
MK digest: d4 38 70 47 0d 20 72 42 0e 04 97 94 e8 56 59 1f f9 6f ec 1c 
MK salt:           c6 63 93 f7 67 6b b9 d9 dd a0 5e 7a 46 6f 2e b7
                   d2 43 63 db 88 1b c7 aa 3b c9 41 2c dd 5c be 58
MK iterations:     10
UUID:              b81d8995-33b3-48a8-b1e1-1c0d0c237974

Key Slot 0: ENABLED
    Iterations:             162621
    Salt:                   44 cc 3d 3b 6d e1 34 9b 83 e0 b5 e2 0b e1 f0 4d
a3 c6 1e 11 fa c1 6f ab a6 61 04 7d e9 17 b9 20 
    Key material offset:    8
    AF stripes:                4000
Key Slot 1: DISABLED
Key Slot 2: DISABLED
Key Slot 3: DISABLED
Key Slot 4: DISABLED
Key Slot 5: DISABLED
Key Slot 6: DISABLED
Key Slot 7: DISABLED
I believe the lvm can be easily restored from backups in /etc/lvm/backup, so the remaining problem is the luks header.
Is it possible to restore the LUKS header? If so, how should I proceed? I would appreciate any help with this. 

If not, is it possible to recover any data on the volume?

Viktor
_______________________________________________
dm-crypt mailing list
dm-crypt@xxxxxxxx
http://www.saout.de/mailman/listinfo/dm-crypt
[Index of Archives]     [Device Mapper Devel]     [Fedora Desktop]     [ATA RAID]     [Fedora Marketing]     [Fedora Packaging]     [Fedora SELinux]     [Yosemite News]     [KDE Users]     [Fedora Tools]     [Fedora Docs]

  Powered by Linux