[dm-crypt] recovering forgotten password

Arno Wagner arno at wagner.name
Wed Aug 17 21:35:13 CEST 2011

On Wed, Aug 17, 2011 at 01:44:44PM -0400, ken wrote:
> Having searched through the archives and read the FAQ list, I know this

Good. Forst step done right.

> isn't going to be easy, but I have to give it a try anyway.  Yes, I'm
> yet another guy who forgot his LUKS password.  And I encrypted both the
> system and data LVs (when I first installed CentOS/Linux).  After a
> couple days trying out various passphrases (going through my three
> chances and then having to shut down and restart the machine to get
> another three chances) and not succeeding, I removed the drive and put
> it into a drive enclosure, then attached it (via USB) to an older but
> working system.  Now I can read only the /boot partition of that drive....
> Now, when I run cryptsetup, it won't let me specify the device name:
> # cryptsetup status luks-3[...]683a /dev/sda3
> /dev/mapper/luks-3[...]683a does not exist.

Huh? What kind of command is that supposed to be?
You have to 1. luksOpen and 2. mount. There is no 
autoMagic after the removal from the original system.

To verify the LUKS header, use something like
  cryptsetup luksDump /dev/sda3

To try a password, use somethin like
  cryptsetup luksOpen /dev/sda3

If you need enough tries to automatize this, you can
read the passphrase from file (or stdin) with something 
like this
  cryptsetup --key-file=<some file> luksOpen /dev/sda3

For this, make sure to not have a trailing newline in
the file.


> I also tried for device /dev/sda ... still no go.
> Or is there a better way to input my passphrase guesses...?
> tnx.
> _______________________________________________
> dm-crypt mailing list
> dm-crypt at saout.de
> http://www.saout.de/mailman/listinfo/dm-crypt

Arno Wagner, Dr. sc. techn., Dipl. Inform., CISSP -- Email: arno at wagner.name 
GnuPG:  ID: 1E25338F  FP: 0C30 5782 9D93 F785 E79C  0296 797F 6B50 1E25 338F
Cuddly UI's are the manifestation of wishful thinking. -- Dylan Evans

If it's in the news, don't worry about it.  The very definition of 
"news" is "something that hardly ever happens." -- Bruce Schneier 

More information about the dm-crypt mailing list