LinuxQuestions.org
Go Job Hunting at the LQ Job Marketplace
Go Back   LinuxQuestions.org > Forums > Linux Forums > Linux - Security
User Name
Password
Linux - Security This forum is for all security related questions.
Questions, tips, system compromises, firewalls, etc. are all included here.

Notices

Reply
 
Search this Thread
Old 11-13-2008, 10:33 AM   #1
luboss
LQ Newbie
 
Registered: Nov 2008
Posts: 4

Rep: Reputation: 0
cryptsetup won't open crypted fs on raid5 with known luks passphrase


Hello all,

I don't write in forums usually but now I'm hopeless and thinking about shred luks crypted disk
I have working RAID5 - cons. of 3 disks where I have crypted partition with lrw-benbi, using luks. It worked me day after day but once after I rebooted it and tried to reopen it didn't work anymore:
Code:
cryptsetup luksOpen /dev/md2 cpv0
Enter LUKS passphrase: 
Command failed.
I'm 99% sure I used the right password.

all prereq. are fullfilled:
Code:
root@lsmod|grep -E 'dm_cr|lrw|aes' 
aes_x86_64              8576  1 
aes_generic            28072  1 aes_x86_64
dm_crypt               12936  1 
dm_mod                 48200  5 dm_crypt,dm_mirror,dm_log,dm_snapshot
lrw                     3968  1 
crypto_blkcipher       16004  3 dm_crypt,lrw
gf128mul                7552  1 lrw
root@lubox:~/scripts# uname -a
Linux lubox 2.6.26 #2 Sun Aug 17 22:12:17 CEST 2008 x86_64 GNU/Linux
mdadm is working ok:
Code:
root@lubox:~# mdadm --detail /dev/md2
/dev/md2:
        Version : 00.90.03
  Creation Time : Thu Oct 30 18:46:00 2008
     Raid Level : raid5
     Array Size : 974277632 (929.14 GiB 997.66 GB)
    Device Size : 487138816 (464.57 GiB 498.83 GB)
   Raid Devices : 3
  Total Devices : 3
Preferred Minor : 2
    Persistence : Superblock is persistent

    Update Time : Thu Nov 13 17:32:05 2008
          State : clean
 Active Devices : 3
Working Devices : 3
 Failed Devices : 0
  Spare Devices : 0

         Layout : left-symmetric
     Chunk Size : 128K

           UUID : a65f276f:505dd844:0624c941:ba7d69df (local to host lubox)
         Events : 0.20

    Number   Major   Minor   RaidDevice State
       0       8        3        0      active sync   /dev/sda3
       1       8       19        1      active sync   /dev/sdb3
       2       8       35        2      active sync   /dev/sdc3
can be there some other issue then wrong password?
had somebody similar problem like this?

Last edited by luboss; 11-13-2008 at 11:36 AM.
 
Old 11-13-2008, 11:03 AM   #2
Randux
Senior Member
 
Registered: Feb 2006
Location: Siberia
Distribution: Slackware & Slamd64. What else is there?
Posts: 1,705

Rep: Reputation: 54
I can't help on this except that it's easy to mess up entering your passphrase. If you know how to use Emacs, split your screen and open a shell. You can paste your password into the mount prompt. You can probably do this with some consoles but I use Emacs for this kind of thing.
 
Old 11-13-2008, 11:50 AM   #3
luboss
LQ Newbie
 
Registered: Nov 2008
Posts: 4

Original Poster
Rep: Reputation: 0
hi Randux,

thanks for your answer. I do not use emacs, only vi, worse I cannot install it right now since apt-get install doesn't work.
By the way I really don't understand how you mean it, sorry :-)
How can be prooved I don't use right password? Can this be some other issue?

Lubos
 
Old 11-13-2008, 01:55 PM   #4
Randux
Senior Member
 
Registered: Feb 2006
Location: Siberia
Distribution: Slackware & Slamd64. What else is there?
Posts: 1,705

Rep: Reputation: 54
You can't verify your password when you're typing it because the prompt doesn't echo it. If you type it in an editor session where you can see it, you're more likely to spot an error. Or if you have it saved in a file (bad idea) you can copy and paste it.

BTW if you use the Bash shell, .bash_history can save a lot of confidential info. Either mount it on a secure drive or change your .bash_profile to exclude certain commands. [Man histignore]

Also may be worth checking on debian mailing lists or website to see if anyone has a similar problem :-(

Last edited by Randux; 11-13-2008 at 01:57 PM.
 
  


Reply


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off


Similar Threads
Thread Thread Starter Forum Replies Last Post
cryptsetup with passphrase file on USB stick titopoquito Slackware 7 10-30-2007 06:37 AM
luks cryptsetup and lvm question ruzzed Linux - Software 3 09-16-2007 07:21 PM
cryptsetup+LUKS: security concept feasible? furryspider Linux - Security 3 08-11-2007 04:10 AM
cryptsetup-luks question nomb Linux - Software 4 06-14-2007 10:22 AM
cryptsetup-luks error flying-tuxman Linux - Security 2 11-20-2006 11:08 AM


All times are GMT -5. The time now is 08:56 PM.

Main Menu
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
identi.ca: @linuxquestions
Facebook: linuxquestions Google+: linuxquestions
Open Source Consulting | Domain Registration