[dm-crypt] recover old crypt partition
jonas at freesources.org
Fri Jan 7 14:23:36 CET 2011
On 07/01/2011 Arno Wagner wrote:
> On Thu, Jan 06, 2011 at 10:08:42PM +0100, Jonas Meurer wrote:
> > Hey,
> > On 06/01/2011 Arno Wagner wrote:
> > > On Thu, Jan 06, 2011 at 04:33:52PM +0100, Jan Christoph Uhde wrote:
> > > > > Is this plain dm-crypt?
> > > >
> > > > i used cryptsetup in debian sid
> > >
> > > Yes, but did you create a LUKS partition or a plain dm-crypt one?
> > > The default would have been dm-crypt. Hmm. That would mean the cipher
> > > is probably the old default of aes-cbc-plain. Can anybody confirm that
> > > for Debian SID?
> > what do you mean with "the default". it highly depends on the method
> > that was used to encrpyt the device. was it done during installation
> > process (debian-installer), with the shipped luksformat script, with
> > some graphical frontend (gnome-device-manager, gnome-disk-utility, ...)
> > or by invoking cryptsetup directly (with which commandline arguments?).
> > the default cipher depends on the cryptsetup package version used when
> > the decive was encrypted.
> That is why I asked. And you are right, a commandline default
> does not cut it, more information is needed.
> Well, at least whether it was LUKS or not is easily answered.
> A look into a hexdump of the start of the device will show the
> magic string "LUKS" right at the start. Options to get that:
> - hd /dev/<device> | head
> - hexdump /dev/<device> | head
> - hex /dev/<device> | head
> and possibly a few others. Example from my LUKS test container
> in a file:
even better would be a luksDump: 'cryptsetup luksDump /dev/<device>'.
If the device is a luks device, you even get information about cipher,
hash, and key size. If it's not a luks device, it'll simply output:
Device /dev/vg_int/ctemp1 is not a valid LUKS device.
-------------- next part --------------
A non-text attachment was scrubbed...
Size: 836 bytes
Desc: Digital signature
More information about the dm-crypt