[dm-crypt] openLuks failing - semaphore weird bug involved ?

Claudio Moretti flyingstar16 at gmail.com
Thu Sep 8 23:53:45 CEST 2011


well, you were lucky you lost only unimportant data :) there were a
lot of people, first of all: me, who did not backup their header on
the main system.. And they (read: me) lost access to their home
partition because the only place where the passphrase had been stored
was.. the damaged root partition..
And that's how i learned i should back up headers (lol)

Though i know losing access to a backup-and-something partition makes
you feel bad too :|

On 08/09/2011, Arno Wagner <arno at wagner.name> wrote:
> On Thu, Sep 08, 2011 at 11:46:42AM -0400, Ric Flomag wrote:
>> Claudio and Arno,
>>
>> Thank you for your kind help. I have tried the following:
>>  * manually unlock the partition with a Fedora 15 live (it has cryptsetup
>> 1.3), and with an Ubuntu 11.04 live (which has 1.1 without the updates
>> installed on my system). No luck, cryptsetup returns "no available key".
>>  * looked at the hex data of the keyslot (between 0x01000 and 0x20400) :
>> no
>> obvious patterns
>
> Which does not mean no patterns. This is the likely explanation.
> The key-slots do not have any checksums, as that would decrease
> security.
>
> As this problem crops up frequantly, I do have a tool under
> development that does frequency-analysis on the keyslots
> in a sector-wise fashion, but I currently have no time to
> finish it. This should be one order of magnitude or so better
> than looking at it.
>
>> As for a possible problem with seahorse: I use the same password on both
>> hard drives, seahorse shows them correctly, i can manually unlock the
>> other
>> hard drive with the password and with seahorse... so I don't think that
>> the
>> problem lies here.
>
> Agreed.
>
>> Unfortunately i had not backed up the header nor retrieved the master key.
>> It's ok though, this hard drive only contains backups and unimportant
>> stuff.
>> I'll just format the partition if I don't find a solution. And then backup
>> the header and the master key :D
>
> :-)
> You can protect the backup, e.g. by encrypting it with GnuPG.
>
>> What worries me is that I have no clue what happened. A damage to the
>> header
>> is it possible without any signs of it ?
>
> Well, if some random-looking data was copied into it, that is hard to
> spot. A frequency-analysis would help, but takes some work to
> implement. The easy and reliable way would be to compare the
> header with its backup.
>
> I do agree that header damage should not happen in an ideal world.
> However, from the questions asked here, header damage is a not so
> infrequent problem. That is one of the reasons I wrote the FAQ ;-)
>
> Arno
> --
> Arno Wagner, Dr. sc. techn., Dipl. Inform., CISSP -- Email: arno at wagner.name
> GnuPG:  ID: 1E25338F  FP: 0C30 5782 9D93 F785 E79C  0296 797F 6B50 1E25 338F
> ----
> Cuddly UI's are the manifestation of wishful thinking. -- Dylan Evans
>
> If it's in the news, don't worry about it.  The very definition of
> "news" is "something that hardly ever happens." -- Bruce Schneier
> _______________________________________________
> dm-crypt mailing list
> dm-crypt at saout.de
> http://www.saout.de/mailman/listinfo/dm-crypt
>


More information about the dm-crypt mailing list