[dm-crypt] Need help: Device /dev/md3 is not a valid LUKS device

Arno Wagner arno at wagner.name
Sun Apr 29 23:28:20 CEST 2012


I suspect you actually created the ext4 filesystem after 
luksFromat, thereby destroying the LUKS header.

What you need to to is

1. luksFromat
2. luksOpen to map /dev/md3 e.g. to /dev/maper/c1
3. Create the filesystem on /dev/mapper/c1

However I would say that with this mistake (filesyste and
LUKS on the same level), you do not really understand what
you are doing. You will likely not be secure as a consequence,
even if you get it to work.

I strongly suggest reading up on encryption and filesystem
layers. Some info can be found in the cryptsetup FAQ, but you
need more. A possible start is Wikipeadia on the topics
"filesystem", "encryption" and "disk encryption". That should
clear things up a bit.

Arno



On Sun, Apr 29, 2012 at 11:03:57AM -0700, Lucy Brentwood wrote:
> Hello all,
> 
> Following an advice found in an Internet forum, I am sending this list my request for help in hope someone will be able to answer it.
> 
> I am installing Debian in a new computer (so I am pretty flexible about what I can do).
> 
> 
> I started following a tutorial for RAID5 + DM-CRYPT + LVM2 and I now face a weird issue.
> 
> I launch the computer with the latest Debian live distribution and work on the hard drives from there.
> 
> 
> The first steps that concern this issue are:
> 
> I partition the 4 hard drives using fsdisk, one partition with 10GB for /boot, one with 130GB for swap, and two big partitions for the operating system and for additional data. /boot is set as bootable, all as Linux Raid devices (code fd).
> 
> 
> I create a RAID5 array with the four hard drives:
> 
> 
> # mdadm --create /dev/md3 --level=5 --raid-devices=4 /dev/sda4 /dev/sdb4 /dev/sdc4 /dev/sdd4 
> 
> 
> Then I format it to ext4:
> 
> # mke2fs -t ext4 /dev/md3
> 
> Then I encrypt the partition:
> 
> # KEYFILE="/media/PENDRIVE/picture.jpg"
> # cryptsetup --hash sha512 --key-size 256 --cipher aes-cbc-essiv:sha256 luksFormat /dev/md3 $KEYFILE
> 
> WARNING!
> ========
> This will overwrite data on /dev/md3 irrevocably.
> 
> Are you sure? (Type uppercase yes): YES
> 
> 
> 
> And then I try to open the RAID5 array:
> 
> # cryptsetup --key-file $KEYFILE luksOpen /dev/md3 md3encrypted
> 
> And I get:
> 
> Device /dev/md3 is not a valid LUKS device.
> 
> Can anyone let me know what is happening or what I did wrong?
> 
> Thank you in advance,
> 
> Lucy

> _______________________________________________
> dm-crypt mailing list
> dm-crypt at saout.de
> http://www.saout.de/mailman/listinfo/dm-crypt


-- 
Arno Wagner, Dr. sc. techn., Dipl. Inform., CISSP -- Email: arno at wagner.name 
GnuPG:  ID: 1E25338F  FP: 0C30 5782 9D93 F785 E79C  0296 797F 6B50 1E25 338F
----
One of the painful things about our time is that those who feel certainty 
are stupid, and those with any imagination and understanding are filled 
with doubt and indecision. -- Bertrand Russell 


More information about the dm-crypt mailing list