On Tue, Feb 01, 2011 at 11:03:29AM +0100, Arends, R.R. wrote: > Hi all, > > I got a mdadm raid5 layer over 6 disks, the raid failed, but i manage to > get it back up. > > But now it seems that the luks header is corrupt. > > It doesn't except my passwords anymore... > > Enter passphrase for /dev/md3: > No key available with this passphrase. > > luksDump still reports the info though... > > cryptsetup luksDump /dev/md3 > LUKS header information for /dev/md3 > > Version: 1 > Cipher name: aes > Cipher mode: cbc-essiv:sha256 > Hash spec: sha1 > Payload offset: 1032 > MK bits: 128 > MK digest: a1 1f b8 22 77 a9 de 2e 19 81 12 54 88 28 e4 0d 0d 39 42 40 > MK salt: 11 2f 27 30 a3 f1 33 6f 3b 5b b3 7c c1 55 a2 af > f7 1c 81 ad 19 fd d2 75 93 c3 b9 aa 6e a4 15 0a > MK iterations: 10 > UUID: 75e65cb7-0444-4df7-a8f8-0677b6b277ba > > Key Slot 0: ENABLED > Iterations: 116904 > Salt: 45 f5 3b 7c 20 ea 09 b8 fa be 60 db 49 5f 4b e0 > 6c 42 20 44 f1 e4 03 7a 4c 32 60 40 c4 54 37 4e > Key material offset: 8 > AF stripes: 4000 > > I'm clueless on how to fix this.... And there is alot of personal data > missing now... I _strongly_ advise you to read the FAQ section about LUKS backup. FAQ is here: http://code.google.com/p/cryptsetup/wiki/FrequentlyAskedQuestions and should have appeared today on the list, but it seems it is stuck in a mailqueue somewhere on saout.de. > Can anyone point me in the right direction on fixing the luks header, or > helping me out another way. You should check the RAID first. If it failed, you may not actually have "gotten it back" at all. The LUKS header fits into a single stripe, hence the only thing that needs to match for luksDump is that you have the same first disk as before. See FAQ for header layout. Incidentally, the same thing happened to somebody else here about a week ago. Thet person seems to have had an issue where he possibly forced a RAID5 rebuilt after one drive had gotten written to wrongly and the rebuilt copied the error to the other disks and wiped out the original keyslot data. Mailing list archive is here: http://dir.gmane.org/gmane.linux.kernel.device-mapper.dm-crypt Arno -- Arno Wagner, Dr. sc. techn., Dipl. Inform., CISSP -- Email: arno@xxxxxxxxxxx GnuPG: ID: 1E25338F FP: 0C30 5782 9D93 F785 E79C 0296 797F 6B50 1E25 338F ---- Cuddly UI's are the manifestation of wishful thinking. -- Dylan Evans If it's in the news, don't worry about it. The very definition of "news" is "something that hardly ever happens." -- Bruce Schneier _______________________________________________ dm-crypt mailing list dm-crypt@xxxxxxxx http://www.saout.de/mailman/listinfo/dm-crypt
