[dm-crypt] does luksDump guarantee header integrity?

Robert Nichols rnicholsNOSPAM at comcast.net
Sat Mar 23 14:59:08 CET 2013


On 03/23/2013 12:38 AM, hank wrote:
> Hi,
>
> I accidentally "formatted" an encrypted partition with mkfs.nilfs2
> (incl. -K option). Luckily mkfs.nilfs2 normally only overwrites data
> after 1024 bytes from the start of the block device, so the LUKS header
> should have remained intact.

The LUKS header, including the key material, is roughly a half Megabyte
in size. The key material, expanded and broken up into 4000 stripes for
each key slot, follows the 592-byte LUKS partition header (PHDR). Your
accidental formatting left the parameters in the PHDR and the
descriptors for first 6 key slots untouched, but overwrote the actual
key material.  Without a backup of the entire ~.5MB LUKS header you
cannot obtain the master key, and your data is unrecoverable.

-- 
Bob Nichols     "NOSPAM" is really part of my email address.
                 Do NOT delete it.



More information about the dm-crypt mailing list