[dm-crypt] HELP, luksFormat over existing container

Konstantin V. Gavrilenko k.gavrilenko at arhont.com
Sun Jan 8 10:59:02 CET 2012


----- Original Message -----
From: "Arno Wagner" <arno at wagner.name>
To: dm-crypt at saout.de
Sent: Saturday, 7 January, 2012 12:48:16 PM
Subject: Re: [dm-crypt] HELP, luksFormat over existing container

On Sat, Jan 07, 2012 at 10:57:08AM -0000, Konstantin V. Gavrilenko wrote:
> Hello list,
> 
> I have a problem :(
> 
> by mistake, instead of luksOpen I executed lukFormat on the loop device
> with associated cryptofile.  even though the key is was the same, I have
> no backup of original luksHeader, so I assume i have no way of recovering
> the SALT.  

And the master key is different in addition, at least in the first
key-slot that also has been overwritten.

KVG: I see, so the cryptsetup generates a different master key at each luksFormat eventhough the original key is the same, no hope for me then  :(((

> I am pretty much in Acceptance that it is not possible to
> recover anything, but would like to get an external confirmation, advice.

You are correct. Next step is to fix your set-up by adding
backup, see the FAQ.  
 
KVG:((( i had some files that were not backed up.

> p.s. surprised and disappointing that cryptsetup does not issue a warning
> when running luksFormat over luks preformatted container :(

It gives you a very clear warning and asks for an uppercase "YES"
and asks for the passphrease two times. That _should_ be enough. 
There is only so much a tool can do to protect you. The UNIX way is
to warn you, but to assume you want to do what you specified if
you ignore the warning. 


KVG: No it did not give the warning. I guess it depends on how the cryptsetup is used.
In my case, I have a gpg protected key, that I pipe to cryptsetup once it is decrypted.
Here is an example, two luksFormats in a row and no warning that luks header exists.


root at dmob:/# gpg --decrypt /tmp/keyfile.gpg | cryptsetup -v --cipher serpent-cbc-essiv:sha256 --key-size 256 luksFormat /dev/loop0
gpg: CAST5 encrypted data
gpg: gpg-agent is not available in this session
gpg: encrypted with 1 passphrase
gpg: WARNING: message was not integrity protected
Command successful.
root at dmob:/# gpg --decrypt /tmp/keyfile.gpg | cryptsetup -v --cipher serpent-cbc-essiv:sha256 --key-size 256 luksFormat /dev/loop0
gpg: CAST5 encrypted data
gpg: gpg-agent is not available in this session
gpg: encrypted with 1 passphrase
gpg: WARNING: message was not integrity protected
Command successful.






There are a number of ways to kill the header that give a lot less 
warning. Or none at all. Also the FAQ warns very, very clearly that 
you _need_ a backup and should have a header backup. The backup
is the second line of defense and one of its major tasks is to
protect against user errors.

See it this way: Most people do not bother with backup until
they lose something important. The earlier you make that 
experience, the better.


KVG: vielen Dank, noted :)


Arno
-- 
Arno Wagner, Dr. sc. techn., Dipl. Inform., CISSP -- Email: arno at wagner.name 
GnuPG:  ID: 1E25338F  FP: 0C30 5782 9D93 F785 E79C  0296 797F 6B50 1E25 338F
----
One of the painful things about our time is that those who feel certainty 
are stupid, and those with any imagination and understanding are filled 
with doubt and indecision. -- Bertrand Russell 
_______________________________________________
dm-crypt mailing list
dm-crypt at saout.de
http://www.saout.de/mailman/listinfo/dm-crypt


More information about the dm-crypt mailing list