[dm-crypt] please HELP - can't acces encrypted LVM after linux reinstallation.

Arno Wagner arno at wagner.name
Mon Oct 31 08:18:32 CET 2011


I am opposed to this. cryptsetup is not at fault here, it displays
a big, fat warning (unless disabled). If an installer decides
to suppress that warning and give something far less clear,
then the installer is broken and needs to be fixed. A good
installer would  give a very clear warning and require
more than just a click or "RETURN" as confirmation. 
cryptsetup already does both. 

In addition, any kind of automatic header backup 
breaks the LUKS security model and needs to come
with a very clear warning if automatized (as in an 
installer). The problem is that old passphrases will
be stored and will survive deletion in the active LUKS
header. That is not good at all.

The right thing here is to complain to those that made the
broken (or not careful enough) installer and to ask them to
either keep the very clear warning and verification question
asked by cryptsetup, or to do something equally clear 
themselves.

Side note: I am unsure whether Ubuntu has fixed this issue by now.
Does anybody know?

Side note 2: Added a generic warning about dangerous distro installers 
to the FAQ.

Arno

On Mon, Oct 31, 2011 at 04:30:11AM +0100, ingo.schmitt at binarysignals.net wrote:
> Another idea: Cryptsetup should offer to backup the header
> on the same drive when changes to an existing header are requested.
> 
> I assume that headers size isn't an issue.
> 
> Thx,
> Ingo
> 
> On 10/31/2011 01:30 AM, Aleksander Swirski wrote:
> >I'm pretty sure this warning is only displayed when someone decides to
> >create new crypto on some partition or fill encrypted device with random
> >data in the next step after setting the password. but just setting the
> >password on an existing device makes data unusable without warning. when
> >the partitioning is finished there is a list of partitions that will be
> >wiped out, and also, during my installation crypto-deviced and /home
> >inside LVM was not listed there, but already lost few clicks earlier.
> >
> >i understand that it wasn't taken into consideration that someone can
> >attach existing encrypted device, but only that a new one will be
> >created. this is inconsistent with how it goes with unencrypted
> >partitions, where you can reattach them without formatting and keep your
> >data. so i guess with encrypted partition this should also work that
> >way. or maybe i miss the point? i will try to make the whole scenario
> >clear, and then send my proposition, to debian-boot at lists.debian.org
> ><mailto:debian-boot at lists.debian.org>
> >
> >On 30 October 2011 23:25, Jonas Meurer <jonas at freesources.org
> ><mailto:jonas at freesources.org>> wrote:
> >
> >    -----BEGIN PGP SIGNED MESSAGE-----
> >    Hash: SHA1
> >
> >    Hi Aleksander,
> >
> >    Am 30.10.2011 19:56, schrieb Aleksander Swirski:
> >     > I will also try to push this info to the debian devs. I'm not sure
> >     > how to do that properly (hint appreciated). I know, that the route
> >     > of installation I took is not a common one, but a simple warning
> >     > would suffice to avoid this kind of trouble. After all my encrypted
> >     > LVM and specifically the /home partition within LVM wasn't listed
> >     > among those, which are to be erased at any point during the
> >     > installation. (I marked them with - K - keep the data)
> >
> >    I guess that you selected to configure the device which contained the
> >    LVM volume group as new encrypted device. Then you where asked for the
> >    new passphrase twice, and a new LUKS header was written to the device,
> >    overwriting the old LUKS header. That way you shredded all the
> >    encrypted data on that device, regardless what it was.
> >
> >    The partitions you marked as "keep the data" weren't overwritten, just
> >    the LUKS header of underlying device was overwritten.
> >
> >    I agree, that a warning in the Debian Installer is a good idea, but to
> >    be honest, there's already a big fat warning:
> >
> >     > _Description: Really erase the data on ${DEVICE}? The data on
> >     > ${DEVICE} will be overwritten with random data. It can no longer be
> >     > recovered after this step has completed. This is the last
> >     > opportunity to abort the erase.
> >
> >    (from
> >    http://anonscm.debian.org/gitweb/?p=d-i/partman-crypto.git;a=blob;f=debian/partman-crypto.templates)
> >
> >    If you like to propose changes to the (warnings in the) process of
> >    configuring encrypted volumes during installation of Debian, feel free
> >    to discuss this on debian-boot at lists.debian.org
> >    <mailto:debian-boot at lists.debian.org>. You might as well
> >    take a look at the following page:
> >    http://wiki.debian.org/DebianInstaller/PartmanCrypto
> >
> >    Greetings,
> >      jonas
> >    -----BEGIN PGP SIGNATURE-----
> >    Version: GnuPG v1.4.11 (GNU/Linux)
> >    Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org/
> >
> >    iQIcBAEBAgAGBQJOrc7tAAoJEFJi5/9JEEn+bo4P/0vX3AxnpXzWO3NUvYW2wh6H
> >    k7v8Dhx6Rw5HXttHuF8JSypkvcHuLfWyGLq0J4qlsw4GvK/cPtwdCuSe//uJvqSB
> >    4Z6qj55E/3/M+aEBMzT9oBeZ5DVGPp0+76VWFNijGzHYMoT4YYm0pZBsmfZ7U2RJ
> >    +7xFyGP0d7oXJIqoW8aUyufgdYnRNdcZdJtY27XHgKW1m9ytllIuK0h7hl410/L0
> >    vy2t4IqSlO5Uko1/bOf3FETNkBRTUl4T2jWMP3dEpNMRobB1ZH5I5menXWSwzgR9
> >    c2QWRkwQ8iUsAdakofnl9O1jhtw3Z9MKxHQbnxh32oNuS5Aaf5xxfiI7jXf3yY/L
> >    GUKyIOa5nGtNtwUt4l0RTJAKoyY2J2KtBJm+JL51tQ3q/iyZsfRLVmyczlkzKUhj
> >    vMKgSzhV8/IyQ/snqftAMqmRXYgaOE3qDCe8MR+EChIFwX2Zr+eRWdRzVFDjQ0kP
> >    Cyc6Yw3TrthD8GuWWxU93tE3YMVxgI76+lDk/LBLZjviMTEfkR5e+gmuoff+Xdta
> >    aBYek7loOjkqb+gJ6qeqAKuDLAZnw/BmHfgpYQpatdSeiV6jpGPkGMbYTwDHLlXR
> >    rE72FJe1emdcDWQ6TE8SP+6KW22HirBPD5q6DPqJ2Oxcxx+AotXeLvDpnhd9S5b2
> >    fDNHacCUklPyCeH81nsH
> >    =PLsS
> >    -----END PGP SIGNATURE-----
> >    _______________________________________________
> >    dm-crypt mailing list
> >    dm-crypt at saout.de <mailto:dm-crypt at saout.de>
> >    http://www.saout.de/mailman/listinfo/dm-crypt
> >
> >
> >
> >
> >_______________________________________________
> >dm-crypt mailing list
> >dm-crypt at saout.de
> >http://www.saout.de/mailman/listinfo/dm-crypt
> _______________________________________________
> dm-crypt mailing list
> dm-crypt at saout.de
> http://www.saout.de/mailman/listinfo/dm-crypt
> 

-- 
Arno Wagner, Dr. sc. techn., Dipl. Inform., CISSP -- Email: arno at wagner.name 
GnuPG:  ID: 1E25338F  FP: 0C30 5782 9D93 F785 E79C  0296 797F 6B50 1E25 338F
----
Cuddly UI's are the manifestation of wishful thinking. -- Dylan Evans

If it's in the news, don't worry about it.  The very definition of 
"news" is "something that hardly ever happens." -- Bruce Schneier 


More information about the dm-crypt mailing list