[dm-crypt] recovering forgotten passwords for 2 LVs
arno at wagner.name
Tue Aug 23 14:57:59 CEST 2011
On Mon, Aug 22, 2011 at 06:33:30PM -0400, ken wrote:
> Yves, thanks for replying.
> This setup worked fine for years without changing anything on it. I'm
> fairly certain that there are two logical volumes on /dev/sda5, both
> encrypted. As said, when I booted the system up, I was prompted for two
> passphrases (one for each filesystem).
> Does this tell us anything?
> # cryptsetup luksDump /dev/sda5
> LUKS header information for /dev/sda5
> Version: 1
> Cipher name: aes
It does. /dev/sda5 has a LUKS container at the start with
one passphrase active. For password breaking attempts, it
does not matter that there are some LVM mappings. I advise
to just ignore any LVM stuff for the moment and to run your
password guessing attempts against /dev/sda5.
You will possibly not get you data, but the password checking
will be good, unless that thing was created using
decrypt_derived or the like. I doubt that, as then you
should have been asked only for one password.
Once you have the password recovered, you should be able
to do a normal boot.
Arno Wagner, Dr. sc. techn., Dipl. Inform., CISSP -- Email: arno at wagner.name
GnuPG: ID: 1E25338F FP: 0C30 5782 9D93 F785 E79C 0296 797F 6B50 1E25 338F
Cuddly UI's are the manifestation of wishful thinking. -- Dylan Evans
If it's in the news, don't worry about it. The very definition of
"news" is "something that hardly ever happens." -- Bruce Schneier
More information about the dm-crypt