Page 1 of 4 123 ... LastLast
Results 1 to 10 of 32

Thread: Can't access luks-encrypted system partition anymore

  1. #1
    Join Date
    Jul 2008
    Location
    Germany
    Beans
    18
    Distro
    Ubuntu 8.04 Hardy Heron

    Can't access luks-encrypted system partition anymore

    Newbie-Alert: Please point out any mistakes i'm making.

    On booting, the system doesn't accept my password for unlocking the encrypted system partition anymore.

    Setup: Ubuntu Hardy Heron, set up on 07/16, last updated (working) via synaptic on 07/20 (?). /dev/sda3 is an encrypted partition, which hosts a logical volume, which in turn hosts volume groups for / and swap. /boot is unencrypted. I encrypted via the alternate installer CD. This setup had worked fine until yesterday.

    What happened? I'm not sure. I can't access the partition since last evening. At noon, i updated via synaptic, i think it concerned gvfs. (One problem is that i'm not certain that this update ran through.) The update-process seems to have left /boot untouched.

    All in all, the system acts like my password is wrong, but i'm confident it is correct. I'm trying to access with the help of a Xubuntu-live-CD (7.10).

    Output of sudo cryptsetup luksDump /dev/sda3: http://pastebin.com/m2be5ccf Looks okay to me.

    Only thread i've found so far that looks similar. (Link) Does anybody have an idea why that suddenly just worked again?

    - How can i find out, what was installed in yesterdays update via synaptic?
    - If /boot was unaltered and the partition header of the encrypted partition looks okay, what in the world could be causing trouble?
    - Any hints/ideas for further diagnosis?

  2. #2
    Join Date
    Jun 2006
    Location
    Switzerland
    Beans
    Hidden!
    Distro
    Kubuntu Jaunty Jackalope (testing)

    Re: Can't access luks-encrypted system partition anymore

    can you manually unlock it from the Desktop CD?

    On a side note, why did you encrypt a logical volume and not the partitions within it individually?

  3. #3
    Join Date
    Jul 2008
    Location
    Germany
    Beans
    18
    Distro
    Ubuntu 8.04 Hardy Heron

    Re: Can't access luks-encrypted system partition anymore

    I tried to unlock it with sudo cryptsetup luksOpen /dev/sda5 cryptdisc. It prompts me for my password, but doesn't accept it. Mount outputs: "mount: unknown filesystem type 'crypto_LUKS'"


    I encrypted / and swap together so that i only have to enter one password. I found some howtos which suggested that.

  4. #4
    Join Date
    Jun 2006
    Location
    Switzerland
    Beans
    Hidden!
    Distro
    Kubuntu Jaunty Jackalope (testing)

    Re: Can't access luks-encrypted system partition anymore

    up there you said it's /dev/sda3 which is encrypted then you say it's /dev/sda5....

  5. #5
    Join Date
    Jul 2008
    Location
    Germany
    Beans
    18
    Distro
    Ubuntu 8.04 Hardy Heron

    Re: Can't access luks-encrypted system partition anymore

    Oops, sorry. It is /dev/sda3. /dev/sda5 is my /boot. (But actually trying to open that with luksOpen also prompts me for a password, i just found out. Anyway, luksDump recognises sda3 as a luks-partition.)

  6. #6
    Join Date
    Apr 2007
    Location
    Kuala Lumpur, Malaysia
    Beans
    579
    Distro
    Ubuntu 8.04 Hardy Heron

    Re: Can't access luks-encrypted system partition anymore

    Hi slabo

    - First up - boot from desktop liveCD and make sure you have an internet connection.
    - Now you have to install some stuff thats not there in the liveCD. Pull up a terminal (Applications>Accessories>Terminal)
    - type "sudo su"
    - type "apt-get install lvm2 cryptsetup
    - type "mkdir /media/test"
    - type "modprobe dm-crypt"
    - type "cryptsetup luksOpen /dev/sda5 test"
    (enter password... are you set up on sda3 or sda5? change as needed)
    (you should get a command successful message... continue
    - type "vgchange -ay"
    (this will reveal your volume group name)
    - type "mount /dev/("volume group name")/home /media/test
    - type "nautilus /media/test"
    (and now your encrypted /home should open in a window.)

    If all that works... manually mounting the partition... then its not the encrypted header or partition thats got a problem. So close it all up...
    - close nautilus
    - type "umount /media/test"
    - type "cryptsetup luksClose /dev/sda5



    Unmount it all and

  7. #7
    Join Date
    Jul 2008
    Location
    Germany
    Beans
    18
    Distro
    Ubuntu 8.04 Hardy Heron

    Re: Can't access luks-encrypted system partition anymore

    Hi tact, and thx for your answer,

    i already tried that. This is precisely what i tried so far:
    - Started Xubuntu 7.10 Live-CD
    - sudo aptitude -y install cryptsetup initramfs-tools hashalot lvm2 (following this HOWTO)
    - modprobe aes-i586<enter> modprobe dm-crypt<enter>modprobe dm-mod<enter>
    - sudo cryptsetup luksOpen /dev/sda3 cryptdisc, result: "Command failed: No key available with this passphrase." Thus the same result that comes up during boot. (This message however comes also up, if one tries to unlock a partition that is not a luks-partition.) However, i am positive that i know the passphrase, i have it on a note right in front of me and it worked for a week.
    - sudo cryptsetup luksDump /dev/sda3 however results in a seemingly valid description of the header of the partition, see above.
    Last edited by slabo; July 24th, 2008 at 02:13 PM. Reason: correction to be more precise, line w/ modprobe

  8. #8
    Join Date
    Apr 2007
    Location
    Kuala Lumpur, Malaysia
    Beans
    579
    Distro
    Ubuntu 8.04 Hardy Heron

    Re: Can't access luks-encrypted system partition anymore

    you will get the same error message if trying to open a non-luks partition.

    just to be sure could you please boot up from the CD again and execute the following in a terminal and post back the results?

    Code:
    sudo fdisk -l /dev/sda
    (that is a lowercase "L" after "fdisk")

    Result should look something like this...
    ===
    Disk /dev/sda: 120.0 GB, 120034123776 bytes
    255 heads, 63 sectors/track, 14593 cylinders
    Units = cylinders of 16065 * 512 = 8225280 bytes
    Disk identifier: 0x000b182c

    Device Boot Start End Blocks Id System
    /dev/sda1 * 1 31 248976 83 Linux
    /dev/sda2 32 14593 116969265 5 Extended
    /dev/sda5 32 14593 116969233+ 83 Linux
    ===

    In the above example the correct partition to cryptsetup luksOpen would be /dev/sda5

    Cheers

  9. #9
    Join Date
    Jul 2008
    Location
    Germany
    Beans
    18
    Distro
    Ubuntu 8.04 Hardy Heron

    Re: Can't access luks-encrypted system partition anymore

    Code:
    ubuntu@ubuntu:~$ sudo fdisk -l /dev/sda
    
    Disk /dev/sda: 80.0 GB, 80060424192 bytes
    255 heads, 63 sectors/track, 9733 cylinders
    Units = cylinders of 16065 * 512 = 8225280 bytes
    Disk identifier: 0xfa7a99c2
    
       Device Boot      Start         End      Blocks   Id  System
    /dev/sda1   *           1        1532    12305758+  83  Linux
    /dev/sda2            1533        1824     2345490    5  Extended
    /dev/sda3            1825        9733    63529042+  83  Linux
    /dev/sda5            1533        1581      393561   83  Linux
    /dev/sda6            1582        1824     1951866   83  Linux
    This is what the disk looks like in gparted:

    This needs explanation:
    • /dev/sda1 i left free for a later minimal Windows install. (Don't know why i put ext3 on it, but ntfs wasn't supported, and i think the installer required me to format it.)
    • /dev/sda5 is the boot partition, positively
    • /dev/sda6 is a spare swap-partition, in case i would encounter problems with the encrypted swap, like i did on my Xubuntu notebook.
    • /dev/sda3 is the encrypted volume. On it is a LVM and VGs for / (not /home) and swap.
    Last edited by slabo; July 24th, 2008 at 09:00 PM. Reason: correction

  10. #10
    Join Date
    Apr 2007
    Location
    Kuala Lumpur, Malaysia
    Beans
    579
    Distro
    Ubuntu 8.04 Hardy Heron

    Re: Can't access luks-encrypted system partition anymore

    Ok... so to confirm you positively ran these steps and cannot open the crypt-volume?

    - boot from desktop liveCD and make sure you have an internet connection.
    - Pull up a terminal (Applications>Accessories>Terminal)
    Code:
    sudo su  
    apt-get install lvm2 cryptsetup
    mkdir /media/test
    modprobe dm-crypt
    cryptsetup luksOpen /dev/sda3 test
    Nothing fails until you get to this point....and it is at this point you get the "Command failed: No key available with this passphrase." message.

    Correct?

Page 1 of 4 123 ... LastLast

Bookmarks

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •