On Thu, Sep 13, 2012 at 07:21:17PM -0500, Zack Buhman wrote: > Hello, > > So I was bumbling along and for some stupid reason I generated a new > keyfile (thinking I was on another machine) and ended up overwriting my > keyfile that I use on a volume that has 1.1TB data. > > I was reading > https://code.google.com/p/cryptsetup/wiki/FrequentlyAskedQuestions#6._Backup_and_Data_Recovery > section 6.10, and at the time I had the thing unlocked. So I retrieved > the master key as described in the FAQ, but then I guess I didn't read > the instructions properly, and did luksFormat with the master key file. > When I unlock that, the filesystem that's supposed to be inside doesn't > exist. > > What I did: http://sprunge.us/UjBQ > > I also have http://sprunge.us/bWFc from my console buffer when I was just > playing around. Is data recovery still possible? >From a quick look, I think you problem may be simple, namely other defaults. Good job keeping the info, but you will need to make a new container after recovery, as your master key is now publicly known and your data not secure anymore. As the FAQ states, you need to create the new LUKS container with the same parameters as the old one. Lets see, you have: 0 7813523456 crypt aes-xts-plain bff82...76d4 0 9:127 4096 ^^^^^^^^^^^^^ ^^^^^^^^^^^^ cipher+mode key A test with a loop file on my system gives: 0 200704 crypt aes-cbc-essiv:sha256 9d....35 0 7:0 4096 Your old container does not use the defaults of the cryptsetup sources, but the ones used by some distribution or parameters set by yourself. Make sure the new header is also aes-xts-plain, by dumping the master key again. The key and cipher parameter need to be the same, otherwise decryption will not work. The other thing is that I think you should try this without keyfile, exactly as described in the FAQ section 6.10. Not sure whether it makes a difference (I have never used keyfiles), but your master key is compromised anyways, a keyfile will not help. Arno -- Arno Wagner, Dr. sc. techn., Dipl. Inform., Email: arno@xxxxxxxxxxx GnuPG: ID: 1E25338F FP: 0C30 5782 9D93 F785 E79C 0296 797F 6B50 1E25 338F ---- One of the painful things about our time is that those who feel certainty are stupid, and those with any imagination and understanding are filled with doubt and indecision. -- Bertrand Russell _______________________________________________ dm-crypt mailing list dm-crypt@xxxxxxxx http://www.saout.de/mailman/listinfo/dm-crypt