[dm-crypt] Extract master key from running system

Brian brayniac at gmail.com
Thu Jul 28 05:07:24 CEST 2011

Hi all - 

Sorry to ask such a noob question, but the FAQ states in the section on "Why is all my data permanently gone if I overwrite the LUKS header?":
"If your header does not contain an intact salt, best go directly to the last stage ("Acceptance") and think about what to do now. There is one exception that I know of: If your LUKS container is still open, then it may be possible to extract the master key from the running system. Ask on the mailing-list on how to do that and make sure nobody switches off the machine."

If anybody can help fill in the blanks there I'd very much appreciate it. I'm on the verge of the acceptance stage of grieving myself, but realized that I might fall into this category - the external drive was removed, and initialized on a new machine - never properly closed the container, and the machine is still running. I also still see the dm device. I believe the LUKS header is trashed on disk - isLuks gives 234 return, luksDump tells me it's not a valid LUKS device. Any way to recover here? Or do I accept? 

Thanks in advance!
- Brian

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://www.saout.de/pipermail/dm-crypt/attachments/20110727/3fbee36e/attachment.html>

More information about the dm-crypt mailing list