[dm-crypt] LUKS encrypted hard disk crashed. Recovery question

Michael Kjörling michael at kjorling.se
Fri Aug 19 11:44:12 CEST 2016


On 19 Aug 2016 08:57 +0000, from saibalka at yahoo.co.in (Saibal Kumar Adhya):
> Unfortunately, the hard disk crashed sometime back. It is a hardware
> fault. There was no backup.
> A data recovery agency managed to recover 50% of the sectors.
> However it is unable to recover any data as the original disk was
> encrypted.
> So now trying to figure out how to de-crypt and recover some of the
> data?

Unfortunately, if the key slots are lost or damaged beyond repair, and
you have no backup, then I am fairly certain that you are out of luck.

I assume that when you say that there was no backup, you also mean
that you do not have a LUKS header copy or master key data for the
container.

Such a situation is similar to having overwritten the key slot area of
the disk, which is a good way to quickly decomission a LUKS-encrypted
disk because it renders all other data non-recoverable (the data
required to gain access to the payload data no longer exists).

If you are able to somehow gain access to the key slots in the LUKS
header, it should be possible to decrypt the (stored) payload data, to
the extent that the data recovery agency was able to recover the data.
What they were not able to recover will decrypt to nonsense.

-- 
Michael Kjörling • https://michael.kjorling.semichael at kjorling.se
                 “People who think they know everything really annoy
                 those of us who know we don’t.” (Bjarne Stroustrup)


More information about the dm-crypt mailing list