[dm-crypt] openLuks failing - semaphore weird bug involved ?
arno at wagner.name
Thu Sep 8 00:31:47 CEST 2011
As the header seems to be intact, the possibilities I see are
- A changed keymap. Some people had problems with special
symbols moving form ASCII encoding to UTF-8 encoding.
This yields different passphrase-hashes. See FAQ.
I am not familiar with seahorse. Maybe its passprase
input fails and theis leads to cryptsetup getting
an invalid passphrase as input? Anyways, try to
decrypt the key manually and see whether you get a
good passphrase for LUKS or an error and in the second
case, try a manual luksOpen with that passphrase.
- Keyslot damage. Look at the first keyslot with a
hex dumper, e.g. hd or hexdump, and see whether there
are obvious patterns. Offset and length are in the
- A broken LUKS version. In that case, can you try
with, e.g. a life-CD of the old version you used?
Or download, compile and try manually with the
current cryptsetup version?
The first and last option should yield a complete recovery.
A damaged keyslot is only recoverable with a header backup.
On Wed, Sep 07, 2011 at 02:30:32PM -0400, Ric Flomag wrote:
> Hi all,
> I've been using an external usb hard drive with three (no LVM) partitions,
> one of them crypt-luks (set up using palimpsest), for months. It used to get
> auto-mounted under Gnome when plugged. Seahorse provided the key (Ubuntu
> Since a few days ago, it does not mount anymore. luksOpen yields a "no key
> available" error message. No one around me can be suspected to have changed
> the password. The other (plain ext4) partition mounts normally.
> I can backup or dump the header without a problem. Another usb hardrive,
> with the same luks setup (as shown by header dumps), mounts as usual. All
> this is reproducible on other systems (another ubuntu 11.04 and a 11.10
> Note that I have the "weird semaphore bug" described here:
> though, in my case:
> * it happens approx. once every three luksOpen attempts
> * It is not related to luksOpen success or failure (the semaphore error
> message is just displayed sometimes with any of both hard drives)
> * Chromium is not involved
> Coincidentally, I have started to use my hard drives with ubuntu 11.00 beta
> a few days ago. It could have messed up something on one hd and not the
> Any hint to try and fix this ?
> ------------- faulty partition
> LUKS header information for /dev/sdb3
> Version: 1
> Cipher name: aes
> Cipher mode: cbc-essiv:sha256
> Hash spec: sha1
> Payload offset: 2056
> MK bits: 256
> MK digest: 70 41 d4 78 bd 91 9e 82 c3 9c 61 df e8 6b 4e 28 2f 2b 90
> MK salt: a8 c6 7f 6f 35 2b 48 19 cc e7 27 7a 4f a6 ca a3
> 9f 78 6d f8 21 b0 48 56 44 27 2c 53 75 bf 0c 86
> MK iterations: 22875
> UUID: 4b74a5b1-0c46-4808-98c0-3a51ec5f7c8e
> Key Slot 0: ENABLED
> Iterations: 91811
> Salt: 24 f0 44 14 a7 4d ae e6 b6 2b 42 7c 8d 10 87 39
> 47 05 fd 35 14 46 62 12 f7 5a 7e 99 8a 67 33
> Key material offset: 8
> AF stripes: 4000
> Key Slot 1: DISABLED
> Key Slot 2: DISABLED
> Key Slot 3: DISABLED
> Key Slot 4: DISABLED
> Key Slot 5: DISABLED
> Key Slot 6: DISABLED
> Key Slot 7: DISABLED
> dm-crypt mailing list
> dm-crypt at saout.de
Arno Wagner, Dr. sc. techn., Dipl. Inform., CISSP -- Email: arno at wagner.name
GnuPG: ID: 1E25338F FP: 0C30 5782 9D93 F785 E79C 0296 797F 6B50 1E25 338F
Cuddly UI's are the manifestation of wishful thinking. -- Dylan Evans
If it's in the news, don't worry about it. The very definition of
"news" is "something that hardly ever happens." -- Bruce Schneier
More information about the dm-crypt