[dm-crypt] Retrieve the Passphrase from RAM Memory

Milan Broz mbroz at redhat.com
Tue Sep 27 14:26:02 CEST 2011


On 09/27/2011 01:53 PM, octane indice wrote:
> The passphrase, I don't think so, but the master key, yes
> for sure.
> Here is a paper in french (maybe google translate can
> help) where somebody gets the master key, then use it 
> for reading data:
> http://sylv1.tuxfamily.org/2008/240/gout-de-luks.html

hm this is naive approach but just illustrate the problem
that distros ignore deactivation of dmcrypt mapping during shutdown.

if you are superuser, you can always get volume key (so far)
dmsetup table --showkeys

also see
http://code.google.com/p/cryptsetup/source/browse/trunk/misc/luks-header-from-active
(recreating LUKS header from active device & volume key)

Milan


More information about the dm-crypt mailing list