On 2013-04-02 06:07, Arno Wagner wrote:
3. The cryptsetup package contains a keyslot-checker tool.
(I wrote it, but forgot to do an FAQ entry on it, maybe
I will find time this week.) You find it in
misc/keyslot_checker/ with instructions. It will find
overwritten areas in the active keyslots. It requires
installation of the cyrrent cryptsetup libraries (1.6.x)
but runs itself without installation.
Hi Arno,
Thanks for the useful tool!
./chk_luks_keyslots -v /dev/sda5
parameters (commandline and LUKS header):
sector size: 512
threshold: 0.900000
- processing keyslot 0: start: 0x001000 end: 0x03f800
low entropy at: 0x010000 entropy: 0.599098
Binary dump:
0x010000 30 30 30 30 30 30 30 00 75 64 65 76 73 65 74 74
0000000.udevsett
0x010010 6C 65 00 75 64 65 76 73 65 74 74 6C 65 20 2D 2D
le.udevsettle --
0x010020 74 69 6D 65 6F 75 74 3D 00 75 64 65 76 61 64 6D
timeout=.udevadm
0x010030 20 73 65 74 74 6C 65 20 2D 2D 74 69 6D 65 6F 75 settle
--timeou
0x010040 74 3D 00 4C 69 62 70 61 72 74 65 64 20 57 61 72
t=.Libparted War
0x010050 6E 69 6E 67 00 4C 69 62 70 61 72 74 65 64 20 49
ning.Libparted I
0x010060 6E 66 6F 72 6D 61 74 69 6F 6E 00 4C 69 62 70 61
nformation.Libpa
0x010070 72 74 65 64 20 45 72 72 6F 72 00 4C 69 62 70 61 rted
Error.Libpa
0x010080 72 74 65 64 20 42 75 67 20 46 6F 75 6E 64 21 00 rted Bug
Found!.
0x010090 46 69 78 00 59 65 73 00 4F 6B 00 52 65 74 72 79
Fix.Yes.Ok.Retry
0x0100a0 00 4E 6F 00 43 61 6E 63 65 6C 00 49 67 6E 6F 72
.No.Cancel.Ignor
0x0100b0 65 00 25 31 20 6F 66 20 25 32 20 72 65 61 64 20 e.%1 of
%2 read
0x0100c0 28 25 33 20 72 65 6D 61 69 6E 69 6E 67 29 00 25 (%3
remaining).%
0x0100d0 31 20 6F 66 20 25 32 20 72 65 61 64 00 25 31 20 1 of %2
read.%1
0x0100e0 6F 66 20 25 32 20 63 6F 70 69 65 64 00 75 73 69 of %2
copied.usi
0x0100f0 6E 67 20 6C 69 62 70 61 72 74 65 64 00 64 65 6C ng
libparted.del
0x010100 65 74 65 20 70 61 72 74 69 74 69 6F 6E 00 73 65 ete
partition.se
0x010110 74 20 70 61 72 74 69 74 69 6F 6E 20 74 79 70 65 t
partition type
0x010120 20 6F 6E 20 25 31 00 6C 69 6E 75 78 2D 73 77 61 on
%1.linux-swa
0x010130 70 00 6C 69 6E 75 78 2D 73 77 61 70 28 76 31 29
p.linux-swap(v1)
0x010140 00 6C 69 6E 75 78 2D 73 77 61 70 28 6E 65 77 29
.linux-swap(new)
0x010150 00 6E 65 77 20 70 61 72 74 69 74 69 6F 6E 20 74 .new
partition t
0x010160 79 70 65 3A 20 25 31 00 30 78 00 45 72 72 6F 72 ype:
%1.0x.Error
0x010170 20 74 72 79 69 6E 67 20 74 6F 20 6F 70 65 6E 20 trying
to open
0x010180 25 31 00 72 65 71 75 65 73 74 65 64 20 73 69 7A
%1.requested siz
0x010190 65 3A 20 25 31 20 28 25 32 29 00 72 65 71 75 65 e: %1
(%2).reque
0x0101a0 73 74 65 64 20 65 6E 64 3A 20 25 31 00 72 65 71 sted end:
%1.req
0x0101b0 75 65 73 74 65 64 20 73 74 61 72 74 3A 20 25 31 uested
start: %1
0x0101c0 00 6E 65 77 20 73 69 7A 65 3A 20 25 31 20 28 25 .new
size: %1 (%
0x0101d0 32 29 00 6E 65 77 20 65 6E 64 3A 20 25 31 00 6E 2).new
end: %1.n
0x0101e0 65 77 20 73 74 61 72 74 3A 20 25 31 00 63 61 6C ew start:
%1.cal
0x0101f0 69 62 72 61 74 65 20 25 31 00 70 61 74 68 3A 20 ibrate
%1.path:
- processing keyslot 1: keyslot not in use
- processing keyslot 2: keyslot not in use
- processing keyslot 3: keyslot not in use
- processing keyslot 4: keyslot not in use
- processing keyslot 5: keyslot not in use
- processing keyslot 6: keyslot not in use
- processing keyslot 7: keyslot not in use
Looks like the keyslot is hosed unless there's some way that my
partitioning is incorrect. However, since the tools recognize the LUKS
header I don't think that is the case. Not sure how this happened since
I only wrote to the partition table. Any suggestions?
Thank you for your time!
_______________________________________________
dm-crypt mailing list
dm-crypt@xxxxxxxx
http://www.saout.de/mailman/listinfo/dm-crypt
