LinuxQuestions.org
Review your favorite Linux distribution.
Go Back   LinuxQuestions.org > Forums > Linux Forums > Linux - Distributions > Suse/Novell
User Name
Password
Suse/Novell This Forum is for the discussion of Suse Linux.

Notices

Reply
 
Search this Thread
Old 12-10-2009, 11:14 AM   #1
Nicolas
LQ Newbie
 
Registered: Nov 2006
Posts: 9

Rep: Reputation: 1
Suse 11.2 - cannot open encrypted partitions.


I have two encrypted partitions (one internal the other external) which worked fine in openSuse 11.1.
I just installed 11.2 and can no longer access either partition.

Yast partitioner asks for the passphrase but then fails to mount saying I need to specify the file system type (which is not an option available to me).

I have tried #cryptsetup luksOpen /dev/sda4 data

which asks for and accepts the passphrase saying the device is unlocked. But when I try to mount the partition I am again asked to specify the fs type, but it does not accept ext3 when specified.

fsck and e2fsck report bad superblock for the various block numbers I have tried.

I have seen elsewhere that it may be related to VIA and a padlock module but it is not clear to me how to proceed in that direction.

I find it hard to believe that I am the only person to have had this experience and would appreciate any help available.

(ps otherwise I am very impressed with 11.2 - shame about my data!)
 
Old 12-11-2009, 03:45 PM   #2
jiobo
Member
 
Registered: Nov 2008
Posts: 180

Rep: Reputation: 36
Have you ran fsck on the unmounted partition? After running fsck, try to mount it again and use the following command:

Code:
#mkdir /mnt/disk
#cryptsetup luksOpen /dev/sda4 data
(follow prompt)
#mount -t ext3 /dev/mapper/data /mnt/disk
If that worked, then you would need to edit /etc/fstab to add an entry for that partition. And read about mount:

Code:
man mount

Last edited by jiobo; 12-11-2009 at 03:49 PM.
 
Old 12-12-2009, 03:26 AM   #3
Nicolas
LQ Newbie
 
Registered: Nov 2006
Posts: 9

Original Poster
Rep: Reputation: 1
Thanks jiobo.

Yes, I have tried that and after:
# cryptsetup luksOpen /dev/sda4 data2
Enter LUKS passphrase for /dev/sda4:
key slot 0 unlocked.
Command successful.

I do:
# mount -t ext3 /dev/mapper/data2 /data2
and get:

mount: wrong fs type, bad option, bad superblock on /dev/mapper/data2,
missing codepage or helper program, or other error
In some cases useful info is found in syslog - try
dmesg | tail or so

dmesg gives me this:

[123831.055052] padlock: VIA PadLock not detected.
[123831.101519] padlock: VIA PadLock Hash Engine not detected.

I have googled this without much success.
 
Old 12-12-2009, 05:14 AM   #4
Nicolas
LQ Newbie
 
Registered: Nov 2006
Posts: 9

Original Poster
Rep: Reputation: 1
This thread (https://bugs.launchpad.net/ubuntu/+s...ux/+bug/206129) suggests either using alais or blacklist to disable the padlock-sha module. When I try that I get this in dmesg when I try to mount after unlocking:

[ 59.800835] Intel AES-NI instructions are not detected.
[ 65.642599] VFS: Can't find ext3 filesystem on dev dm-0.
 
Old 12-12-2009, 07:01 PM   #5
jiobo
Member
 
Registered: Nov 2008
Posts: 180

Rep: Reputation: 36
After running cryptsetup to get the HD in /dev/mapper, then run fsck:

Code:
# fsck /dev/mapper/data2
After that completes, try to mount it again.

Code:
mount -t ext3 /dev/mapper/data2 /mnt/disk
 
Old 12-12-2009, 09:41 PM   #6
worm5252
Member
 
Registered: Oct 2004
Location: Atlanta
Distribution: CentOS, RHEL, HP-UX
Posts: 565

Rep: Reputation: 57
Are you sure it is an ext3 filesystem and not something else such as ext2?
 
Old 12-13-2009, 03:28 AM   #7
Nicolas
LQ Newbie
 
Registered: Nov 2006
Posts: 9

Original Poster
Rep: Reputation: 1
Both fsck and e2fsck report bad superblock (for the various block numbers I have tried):

fsck from util-linux-ng 2.16
e2fsck 1.41.9 (22-Aug-2009)
fsck.ext2: Superblock invalid, trying backup blocks...
fsck.ext2: Bad magic number in super-block while trying to open /dev/mapper/data2

e2fsck -b 8193 /dev/mapper/data2
e2fsck 1.41.9 (22-Aug-2009)
e2fsck: Bad magic number in super-block while trying to open /dev/mapper/data2

I am certain that it is ext3 not ext2. Fdisk reports thus:
/dev/sda1 * 1 2357 18932571 83 Linux
/dev/sda2 2358 2877 4176900 82 Linux swap / Solaris
/dev/sda4 2878 19929 136970190 83 Linux

If it helps, luksDump gives this:
LUKS header information for /dev/sda4

Version: 1
Cipher name: aes
Cipher mode: cbc-essiv:sha256
Hash spec: sha1
Payload offset: 1032
MK bits: 128
MK digest: e8 3b f5 8c 89 ea 6e eb 68 41 db a8 97 6f 13 92 0e 34 05 e7
MK salt: 66 88 f1 5a 37 e8 f2 b7 80 5f 58 8f 89 3d b3 9c
cd af 45 52 76 91 ea 87 58 8f 8b ae 0f 38 21 db
MK iterations: 10
UUID: 4a6a9b44-5a52-486e-8f7d-e1edc5ef0168

Key Slot 0: ENABLED
Iterations: 324636
Salt: 0c 0d 70 e6 3d 40 41 f3 3b f9 13 59 8d 38 50 1a
16 a3 8c d3 96 e3 d9 f4 08 7d fe a6 04 5a 53 fa
Key material offset: 8
AF stripes: 4000
Key Slot 1: DISABLED
Key Slot 2: DISABLED
Key Slot 3: DISABLED
Key Slot 4: DISABLED
Key Slot 5: DISABLED
Key Slot 6: DISABLED
Key Slot 7: DISABLED
 
Old 12-13-2009, 10:17 PM   #8
jiobo
Member
 
Registered: Nov 2008
Posts: 180

Rep: Reputation: 36
After running fsck, did you try to mount it? What happened? Tell fsck to fix the problems that it finds, if you did not do that.
Code:
man fsck
The luks header tells you that at least you are able to read part of the HD. Also try:

Code:
mount -t ext2 /dev/mapper/data2 /mnt/disk

Last edited by jiobo; 12-13-2009 at 10:19 PM.
 
Old 12-14-2009, 03:48 AM   #9
Nicolas
LQ Newbie
 
Registered: Nov 2006
Posts: 9

Original Poster
Rep: Reputation: 1
Attempts to mount after fsck or e2fsck both return the same superblock error as does using ext2:

mount -t ext2 /dev/mapper/data2 /data2
mount: wrong fs type, bad option, bad superblock on /dev/mapper/data2,
missing codepage or helper program, or other error
In some cases useful info is found in syslog - try
dmesg | tail or so
 
Old 01-05-2010, 07:55 AM   #10
Nicolas
LQ Newbie
 
Registered: Nov 2006
Posts: 9

Original Poster
Rep: Reputation: 1
Solved - follow the steps here. Example 4.11 (where the encryption was pre-10.3) was relevant to my problem and worked like a charm.

http://www.suse.de/~lnussel/hdencryp...ncryption.html
 
1 members found this post helpful.
Old 01-27-2010, 11:50 PM   #11
jiobo
Member
 
Registered: Nov 2008
Posts: 180

Rep: Reputation: 36
good link

Good link that you posted for SUSE. Would also be useful if you would explain what you did that made it work for you!
 
Old 01-29-2010, 03:34 AM   #12
Nicolas
LQ Newbie
 
Registered: Nov 2006
Posts: 9

Original Poster
Rep: Reputation: 1
OK, here goes:

The encrypted partition was /dev/sdc1 (a 260GB external drive on a USB connection, originally encrypted by SUSE 10.3, I think). I wished to mount it as /data4.

As root do:

1) losetup /dev/loop0 /dev/sdc1
2) cryptsetup --hash sha512 --cipher twofish-cbc-plain --key-size 256 create data4_map /dev/loop0
3) mount /dev/mapper/data4_map /data4

and that was it. At one point I needed to input the passphrase for the encrypted partition so that it could be unlocked. After the second step /dev/mapper/data4_map was created and available to be mounted.

By the way, prior to this and while trying to find a solution, I had used dd to create a copy of the partition (dd if=/dev/sdc1 of=cryptimage.img) and ended up reformatting /dev/sdc1 as ext3. I then restored the image to /dev/sdc1 using dd (dd if=cryptimage.img of=/dev/sdc1). It was good to see that dd handled the encrypted data perfectly, although it did take about 36 hours to make each copy!

My only regret was that I did not figure out the solution until after I had already reformatted my internal drive (/data2). Fortunately the external drive is my (paranoid!) backup so I did not lose any data.

Last edited by Nicolas; 01-29-2010 at 03:41 AM.
 
Old 02-18-2010, 12:24 PM   #13
jiobo
Member
 
Registered: Nov 2008
Posts: 180

Rep: Reputation: 36
Quote:
Originally Posted by Nicolas View Post
My only regret was that I did not figure out the solution until after I had already reformatted my internal drive (/data2). Fortunately the external drive is my (paranoid!) backup so I did not lose any data.
No paranoid there. That is why people use RAID arrays.
 
  


Reply

Tags
encryption, mount, opensuse112


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off


Similar Threads
Thread Thread Starter Forum Replies Last Post
ThumbPrint authentication and encrypted partitions? Mark_667 Ubuntu 0 05-31-2008 03:32 PM
Loading encrypted partitions at boot compu73rg33k Ubuntu 0 11-03-2007 07:59 PM
Installing to encrypted partitions? compu73rg33k Ubuntu 2 11-03-2007 07:54 PM
need help mounting my ntfs partitions in open suse rocketprojectile Linux - Hardware 1 08-07-2007 08:08 PM
Creating and using encrypted partitions as non-root v00d00101 Linux - Security 3 06-25-2006 05:31 PM


All times are GMT -5. The time now is 01:40 PM.

Main Menu
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
identi.ca: @linuxquestions
Facebook: linuxquestions Google+: linuxquestions
Open Source Consulting | Domain Registration