well, you were lucky you lost only unimportant data :) there were a lot of people, first of all: me, who did not backup their header on the main system.. And they (read: me) lost access to their home partition because the only place where the passphrase had been stored was.. the damaged root partition.. And that's how i learned i should back up headers (lol) Though i know losing access to a backup-and-something partition makes you feel bad too :| On 08/09/2011, Arno Wagner <arno@xxxxxxxxxxx> wrote: > On Thu, Sep 08, 2011 at 11:46:42AM -0400, Ric Flomag wrote: >> Claudio and Arno, >> >> Thank you for your kind help. I have tried the following: >> * manually unlock the partition with a Fedora 15 live (it has cryptsetup >> 1.3), and with an Ubuntu 11.04 live (which has 1.1 without the updates >> installed on my system). No luck, cryptsetup returns "no available key". >> * looked at the hex data of the keyslot (between 0x01000 and 0x20400) : >> no >> obvious patterns > > Which does not mean no patterns. This is the likely explanation. > The key-slots do not have any checksums, as that would decrease > security. > > As this problem crops up frequantly, I do have a tool under > development that does frequency-analysis on the keyslots > in a sector-wise fashion, but I currently have no time to > finish it. This should be one order of magnitude or so better > than looking at it. > >> As for a possible problem with seahorse: I use the same password on both >> hard drives, seahorse shows them correctly, i can manually unlock the >> other >> hard drive with the password and with seahorse... so I don't think that >> the >> problem lies here. > > Agreed. > >> Unfortunately i had not backed up the header nor retrieved the master key. >> It's ok though, this hard drive only contains backups and unimportant >> stuff. >> I'll just format the partition if I don't find a solution. And then backup >> the header and the master key :D > > :-) > You can protect the backup, e.g. by encrypting it with GnuPG. > >> What worries me is that I have no clue what happened. A damage to the >> header >> is it possible without any signs of it ? > > Well, if some random-looking data was copied into it, that is hard to > spot. A frequency-analysis would help, but takes some work to > implement. The easy and reliable way would be to compare the > header with its backup. > > I do agree that header damage should not happen in an ideal world. > However, from the questions asked here, header damage is a not so > infrequent problem. That is one of the reasons I wrote the FAQ ;-) > > Arno > -- > Arno Wagner, Dr. sc. techn., Dipl. Inform., CISSP -- Email: arno@xxxxxxxxxxx > GnuPG: ID: 1E25338F FP: 0C30 5782 9D93 F785 E79C 0296 797F 6B50 1E25 338F > ---- > Cuddly UI's are the manifestation of wishful thinking. -- Dylan Evans > > If it's in the news, don't worry about it. The very definition of > "news" is "something that hardly ever happens." -- Bruce Schneier > _______________________________________________ > dm-crypt mailing list > dm-crypt@xxxxxxxx > http://www.saout.de/mailman/listinfo/dm-crypt > _______________________________________________ dm-crypt mailing list dm-crypt@xxxxxxxx http://www.saout.de/mailman/listinfo/dm-crypt
