Excellent. You are welcome. Now, be aware that something is wrong in your set-up, so keep a header backup around. If this happens again, it may be a good idea to look at this more closely. The header backup will also help with that, as it allows comparison of "good" and "bad" state. Arno On Fri, Nov 21, 2014 at 09:08:43 CET, Jan Rhebergen wrote: > Tried the repair function of the newest cryptsetup from fedora life. > Worked like a charm! > > LUKS header repaired and recovered! > > Super! > > Thanks, > JB > > > On 11/17/2014 10:34 PM, Jan Rhebergen wrote: > >In my (feeble) effort to construct an obstacle for the proverbial > >"evil maid" I messed up my system causing a > > > >LUKS keyslot 5 is invalid > > > >error. > > > >My system is a recent Ubuntu installation with full disk encryption > >(except for the boot partition of course). In my attempt to thwart > >potential "evil maids" I decided to move the boot filesystem and > >bootloader to a USB thumbdrive. > > > >After I deleted the boot partition from the laptop hard-drive > >partition table and after trying the USB thumbdrive (which worked) I > >decided to reverse it again (can't remember why anymore). > > > >To recover the correct place and size I decided use testdisk (you'll > >find out why later). This duly detected the original boot partition > >boundaries. However it did not correctly detect the LUKS partition > >(which I did not notice at the time). It detected a partition of 2MB > >instead. So I (regretfully) accepted the found partitions and ended up > >with a correct boot partition but with a much too small LUKS > >device/partition which was not number /dev/sda5 but > >/dev/sda2. Needless to say opening it upon boot did not work. > > > >Disk /dev/sda: 256 GB, 256052966400 bytes > >255 heads, 63 sectors/track, 31130 cylinders > >Units = cylinders of 16065 * 512 = 8225280 bytes > > > > Device Boot Start End Blocks Id System > >/dev/sda1 * 1 32 257008 83 Linux > >Warning: Partition 1 does not end on cylinder boundary. > >/dev/sda2 32 32 0 83 Linux > >Warning: Partition 2 does not end on cylinder boundary. > >Command (m for help): > > > >I had backed up the first 512 bytes of the drive and the text output > >of fdisk. Only trouble was that I had backed it up on the partition > >that I was trying to reach! (kicking myself here). To my defence I > >have to say I was tired and it was already late evening. This was the > >(lazy) reason for using testdisk. > > > >At this stage I did what is explicitly stated in the FAQ not to > >do,.. I panicked! > > > >I used cfdisk to resize the too small LUKS partition to fill the rest > >of the disk (as it should). This worked fine and I was able to open > >the LUKS device (yeah!) Although I could activate the volume group and > >see/detect the logical volumes on it (lvscan/lvdisplay) I could not > >mount them (don't remember the error). > > > >At this stage I should have used dd to make a complete image of the > >partition hard drive. Plus I should have made a backup of the LUKS > >header (probably would have worked). I just didn't think straight I > >guess from sheer panic. > > > >Not being able to mount the logical volumes on the LUKS partition I > >figured it must have something to do with the fact that the LUKS > >partition was on /dev/sda2 instead of /dev/sda5. So I though I'd be > >smart and did the following. I created a small temporary (buffer) > >partition replacing the empty unallocated space between the boot > >partition and the LUKS partition. I subsequently deleted the LUKS > >partition, created an extended partition and a new logical partition > >spanning the whole drive. Finally deleting the small buffer > >partition. So I ended up with what I thought should be the original > >partition table. Tried booting and opening it,... alas to no avail. I > >suspect that creating this small buffer partition in the 1.05MB > >'empty' space caused the trouble and in fact wrote over a few bytes of > >the LUKS partition. > > > >So finally I started to do the smart thing although probably too late > >and copy the entire drive image over to another drive. > > > >I was able to locate the start of the LUKS partition: > > > >root@goofy:~# hexdump -C /dev/sda | grep LUKS > >08073590 73 73 20 64 65 6e 69 65 64 00 4c 55 4b 53 ba be |ss > >denied.LUKS..| > >08844d90 73 73 20 64 65 6e 69 65 64 00 4c 55 4b 53 ba be |ss > >denied.LUKS..| > >08e3c190 73 73 20 64 65 6e 69 65 64 00 4c 55 4b 53 ba be |ss > >denied.LUKS..| > >0f500000 4c 55 4b 53 ba be 00 01 61 65 73 00 00 00 00 00 > >|LUKS....aes.....| > > > >I mounted the image file (not /dev/sda) at the appropriate offset and > >tried to open it. > > > >losetup -o 0xf500000 -r -f sda.img > > > >cryptsetup luksOpen /dev/loop0 mycrypt > > > >LUKS keyslot 5 is invalid > > > >Now it so happens I don't use this slot but only the default one. So > >is there any hope for recovery? If so how do I go about it (now that I > >have calmed down). > > > >Any help and advice naturally much appreciated. > > > >regards, > >JB > > > > -- > This message has been scanned for viruses and > dangerous content by MailScanner, and is > believed to be clean. > > _______________________________________________ > dm-crypt mailing list > dm-crypt@xxxxxxxx > http://www.saout.de/mailman/listinfo/dm-crypt -- Arno Wagner, Dr. sc. techn., Dipl. Inform., Email: arno@xxxxxxxxxxx GnuPG: ID: CB5D9718 FP: 12D6 C03B 1B30 33BB 13CF B774 E35C 5FA1 CB5D 9718 ---- A good decision is based on knowledge and not on numbers. -- Plato If it's in the news, don't worry about it. The very definition of "news" is "something that hardly ever happens." -- Bruce Schneier _______________________________________________ dm-crypt mailing list dm-crypt@xxxxxxxx http://www.saout.de/mailman/listinfo/dm-crypt
