[dm-crypt] recovering forgotten passwords for 2 LVs
gebser at mousecar.com
Mon Aug 22 16:48:54 CEST 2011
On 08/17/2011 01:44 PM ken wrote:
> Having searched through the archives and read the FAQ list, I know this
> isn't going to be easy, but I have to give it a try anyway. Yes, I'm
> yet another guy who forgot his LUKS password. And I encrypted both the
> system and data LVs (when I first installed CentOS/Linux). After a
> couple days trying out various passphrases (going through my three
> chances and then having to shut down and restart the machine to get
> another three chances) and not succeeding, I removed the drive and put
> it into a drive enclosure, then attached it (via USB) to an older but
> working system. Now I can read only the /boot partition of that drive....
Over the weekend I read a bunch more documentation, got a spare drive
connected, and on it created an encrypted partition containing a Linux
LVMed filesystem (ext3 if it matters... same as the on the disk I'm
trying to get back). I did all this to test and refine a script I
created so I can input possible/likely passphrases and see which of them
might work. My script works fine on the one encrypted partition I
created on the test disk. I have a concern though.
When booting the disk I'm locked out of, it would prompt me twice...
because, as explained above, the partition contained two encrypted
logical volumes... so I was prompted for passphrases for each. In fact,
if I failed to input the correct passphrase for the first LV, I'd still
be prompted for the passphrase for the second LV. When I do "cryptsetup
isLuks /dev/sda5" the error code (0) tells me I've got an encrypted
device... but just one. Using luksDump likewise shows just one instance
of something (?) encrypted.
Why is this, when I know there to be *two* encrypted LVs on that
Most importantly, when I run
echo -n "$PASS PHRASE" |/sbin/cryptsetup luksOpen /dev/sdb5 name1
is cryptsetup going to be talking to one or the other encrypted LVs...?
and if so, which one?
More information about the dm-crypt