On 02/25/2016 04:08 PM, Felix Wagner wrote: > Hello, > > I tried to reencrypt my device today and was way too eager to do it > without reading everything. Heres what I did: > > 'cryptsetup-reencrypt -v -c aes-xts-plain64 -s > 512 /dev/disk/by-uuid/2ea1bb9e-a4a0-48c8-bc67-a694fa6c8cf7 > Reencryption will change: volume key, set cipher to aes-xts-plain64. > Enter passphrase for key slot 0: > Key slot 0 unlocked. > LUKS header backup of > device /dev/disk/by-uuid/2ea1bb9e-a4a0-48c8-bc67-a694fa6c8cf7 created. > Data offset for detached LUKS header must be either 0 or higher than > header size (4036 sectors). Creation of LUKS backup headers failed. > > So i thought well It didn't work so lets try again: > > cryptsetup-reencrypt -v -c > aes-xts-plain64 /dev/disk/by-uuid/2ea1bb9e-a4a0-48c8-bc67-a694fa6c8cf7 > Reencryption will change: volume key, set cipher to aes-xts-plain64. > Enter passphrase for key slot 0: > Key slot 0 unlocked. > LUKS header > backup of device /dev/disk/by-uuid/2ea1bb9e-a4a0-48c8-bc67-a694fa6c8cf7 > created. > New LUKS header for > device /dev/disk/by-uuid/2ea1bb9e-a4a0-48c8-bc67-a694fa6c8cf7 created. > Activated keyslot 0. > Marking LUKS > device /dev/disk/by-uuid/2ea1bb9e-a4a0-48c8-bc67-a694fa6c8cf7 unusable. > Activating temporary device using old LUKS header. > Key slot 0 unlocked. > Cannot get info about > device /dev/disk/by-uuid/2ea1bb9e-a4a0-48c8-bc67-a694fa6c8cf7. > Activation of temporary devices failed. > > Now it says that the device is not a luks device anymore. I do not have > a header backup (I'm an idiot) what I do have is the luksDump > information and I have not rebooted my system: Do you have these files still in current directory? LUKS-ea1bb9e-a4a0-48c8-bc67-a694fa6c8cf7.log LUKS-ea1bb9e-a4a0-48c8-bc67-a694fa6c8cf7.new LUKS-ea1bb9e-a4a0-48c8-bc67-a694fa6c8cf7.org If so, save them. *.log is reencryption log. If you run reencrypt in directory with these files, reencryption will resume. If it did not started yet, *.org is header backup and you can use it to restore old device state. (If reencryption already started some part of device is already reencrypted so you have to finish that operation.) Please can you paste here content of the *.log file? (It is text file containing reencryption context.) (In theory, if reencryption did not really started yet the initial header is still on-device, just with different magic string, so recovery could be still possible just with simple on-disk edit.) Milan _______________________________________________ dm-crypt mailing list dm-crypt@xxxxxxxx http://www.saout.de/mailman/listinfo/dm-crypt
