On 19/07/18 20:54, brad wrote: > I have an external hard drive that I have been using for encrypted backups. It's been working find with xubuntu 16.xx LTS. Now I've updated to 18.04 and can't mount the drive. > > cryptsetup 2.0.2 > > My notes from last time say to do this: > > dd if=/dev/urandom of=/root/keyfile bs=1024 count=4 > chmod 0400 /root/keyfile > cryptsetup luksAddKey /dev/sdb /root/keyfile > > Which returns: > > IO error while encrypting keyslot > > If I try to mount from the file manager (thunar) I get this: > > Error mounting /dev/dm-2 at /media/brad/Maxtor1: can't read superblock on /dev/mapper/luks-3bddbc2d-6432-46df-9851-c86e15478ded. > > More: > > cryptsetup luksOpen /dev/sdb Maxtor > Cannot use device /dev/sdb which is in use (already mapped or mounted) > > cryptsetup luksClose /dev/sdb > Device sdb not found You need to use mapped device name, not underlying device. The IO error above looks like either some hw is broken or there is a stale device that need to be removed. (Any error in kernel syslog?) Could you post lsblk and "dmsetup table" output? Thanks for posting debug log, but please do not edit it. It should not contain any passphrase sensitive information. But anyway, Ubuntu has very strange approach to backport some patches instead of using released upstream packages, so it is better to ask distro specific channels. Milan > > cryptsetup --debug luksAddKey /dev/sdb /root/keyfile > # cryptsetup 2.0.2 processing "cryptsetup --debug luksAddKey /dev/sdb /root/keyfile" > # Running command luksAddKey. > # Locking memory. > # Installing SIGINT/SIGTERM handler. > # Unblocking interruption on signal. > # Allocating context for crypt device /dev/sdb. > # Trying to open and read device /dev/sdb with direct-io. > # Initialising device-mapper backend library. > # Trying to load any crypt type from device /dev/sdb. > # Crypto backend (gcrypt 1.8.1) initialized in cryptsetup library version 2.0.2. > # Detected kernel Linux 4.15.0-23-generic x86_64. > # PBKDF pbkdf2, hash sha256, time_ms 2000 (iterations 0), max_memory_kb 0, parallel_threads 0. > # Reading LUKS header of size 1024 from device /dev/sdb > # Key length 32, device size 195813072 sectors, header size 2050 sectors. > # PBKDF pbkdf2, hash sha256, time_ms 2000 (iterations 0), max_memory_kb 0, parallel_threads 0. > # Interactive passphrase entry requested. > Enter any existing passphrase: > # Checking volume passphrase [ke***** -1] using passphrase. > # Trying to open key slot 0 [ACTIVE]. > # Reading key slot 0 area. > # Using userspace crypto wrapper to access ke***** area. > Key slot 0 unlocked. > # File descriptor passphrase entry requested. > # Adding new ke*****, existing passphrase provided,new passphrase provided. > # Selected ke***** 2. > # Trying to open key slot 0 [ACTIVE]. > # Reading key slot 0 area. > # Using userspace crypto wrapper to access ke***** area. > Key slot 0 unlocked. > # Calculating data for key slot 2 > # Running pbkdf2(sha256) benchmark. > # PBKDF benchmark: memory cost = 0, iterations = 1310720, threads = 0 (took 25 ms) > # PBKDF benchmark: memory cost = 0, iterations = 1275639, threads = 0 (took 411 ms) > # PBKDF benchmark: memory cost = 0, iterations = 1272543, threads = 0 (took 824 ms) > # Benchmark returns pbkdf2(sha256) 1272543 iterations, 0 memory, 0 threads (for 256-bits key). > # Key slot 2 use 2545086 password iterations. > # Using hash sha1 for AF in key slot 2, 4000 stripes > # Updating key slot 2 [0x41000] area. > # Using userspace crypto wrapper to access ke***** area. > IO error while encrypting ke*****. > # Releasing crypt device /dev/sdb context. > # Releasing device-mapper backend. > # Unlocking memory. > Comsudo cryptsetup --debug luksAddKey /dev/sdb /root/keyfile > # cryptsetup 2.0.2 processing "cryptsetup --debug luksAddKey /dev/sdb /root/keyfile" > # Running command luksAddKey. > # Locking memory. > # Installing SIGINT/SIGTERM handler. > # Unblocking interruption on signal. > # Allocating context for crypt device /dev/sdb. > # Trying to open and read device /dev/sdb with direct-io. > # Initialising device-mapper backend library. > # Trying to load any crypt type from device /dev/sdb. > # Crypto backend (gcrypt 1.8.1) initialized in cryptsetup library version 2.0.2. > # Detected kernel Linux 4.15.0-23-generic x86_64. > # PBKDF pbkdf2, hash sha256, time_ms 2000 (iterations 0), max_memory_kb 0, parallel_threads 0. > # Reading LUKS header of size 1024 from device /dev/sdb > # Key length 32, device size 195813072 sectors, header size 2050 sectors. > # PBKDF pbkdf2, hash sha256, time_ms 2000 (iterations 0), max_memory_kb 0, parallel_threads 0. > # Interactive passphrase entry requested. > Enter any existing passphrase: > # Checking volume passphrase [ke***** -1] using passphrase. > # Trying to open key slot 0 [ACTIVE]. > # Reading key slot 0 area. > # Using userspace crypto wrapper to access ke***** area. > Key slot 0 unlocked. > # File descriptor passphrase entry requested. > # Adding new ke*****, existing passphrase provided,new passphrase provided. > # Selected ke***** 2. > # Trying to open key slot 0 [ACTIVE]. > # Reading key slot 0 area. > # Using userspace crypto wrapper to access ke***** area. > Key slot 0 unlocked. > # Calculating data for key slot 2 > # Running pbkdf2(sha256) benchmark. > # PBKDF benchmark: memory cost = 0, iterations = 1310720, threads = 0 (took 25 ms) > # PBKDF benchmark: memory cost = 0, iterations = 1275639, threads = 0 (took 411 ms) > # PBKDF benchmark: memory cost = 0, iterations = 1272543, threads = 0 (took 824 ms) > # Benchmark returns pbkdf2(sha256) 1272543 iterations, 0 memory, 0 threads (for 256-bits key). > # Key slot 2 use 2545086 password iterations. > # Using hash sha1 for AF in key slot 2, 4000 stripes > # Updating key slot 2 [0x41000] area. > # Using userspace crypto wrapper to access ke***** area. > IO error while encrypting ke*****. > # Releasing crypt device /dev/sdb context. > # Releasing device-mapper backend. > # Unlocking memory. > Command failed with code -1 (wrong or missing parameters). > mand failed with code -1 (wrong or missing parameters). > > > > > _______________________________________________ > dm-crypt mailing list > dm-crypt@xxxxxxxx > https://www.saout.de/mailman/listinfo/dm-crypt > _______________________________________________ dm-crypt mailing list dm-crypt@xxxxxxxx https://www.saout.de/mailman/listinfo/dm-crypt
