LinuxQuestions.org - Ubuntu overwrite mbr of a XFS-Dmcrypted-Raid 1 disks. How recover data?

- Linux - General (https://www.linuxquestions.org/questions/linux-general-1/)

- - Ubuntu overwrite mbr of a XFS-Dmcrypted-Raid 1 disks. How recover data? (https://www.linuxquestions.org/questions/linux-general-1/ubuntu-overwrite-mbr-of-a-xfs-dmcrypted-raid-1-disks-how-recover-data-686712/)

Ubuntu overwrite mbr of a XFS-Dmcrypted-Raid 1 disks. How recover data?

Hi to all, my name is Marco.
Some time ago I set up an encrypted system with two 320 Gb disks on raid 1.
I created the raid 1 system with mdadm, I encrypted the hole new device with dmcryp and in this I built an XFS partition using all 320 Gb.
I used this encrypted disk to backup my personal data and other things. Software and system was on another hd, where it was installed Slackware. Unfortunately, I had problems with the Slackware, so I decided to remove this and install the last version of Ubuntu, just to try, on the partition where was the Slackware (I used the manual partition, I haven't touch the other disks). After installation I removed Ubuntu (I didn't like it), and I used Slax to access to my crypted disks, and than, after have assembled the raid 1 and create the mapper, I found out that I can't mount the xfs system.
I tried with fdisk and it can't find any partition, I have done a scan with testdisk on SystemRescueCd but it can't find anything.
After a lot of tests I find out that if I try to boot the pc with the 320 Gb disks, on the screen came out a Grub error. So I think that Grub have overwrite the mbr of the 320Gb disks, but I used all the disks as an encrypted device, so Grub must have overwritten encrypted data.
I would recover the data on the disks, can anyone help me???
Thank you for your time.

I think that unless you tell it otherwise LUKS writes its header to the start of the device by default. So if you assemble your RAID-1 then if 'cryptsetup luksDump' does not return info then I think your LUKS header might be gone. Making backups of that metadata is discouraged in the HOWTO, but if you would have it could have saved you in this instance, if that's what's missing. Of course there's a chance I'm horribly wrong but I think there'll no way to recover that data. Else LUKS encryption wouldn't be any good...

I didn't used luks, lukly, but only dm-crypt in the most simple way, so dmcrypt stored his data to the end of the disk (I think). Today I tried to see the hex of the decripted disk from sector 63, and I found out the names of the files that was on the disks.
Now I will try to copy the decrypted disk from sector 63 ( to remove the overwritted data) to another disk, and I will try to recover data.
Somebody know if is it possible recover data from xfs??? I read on their site, and it's seems to be impossible... Tomorrow I will try Helix on the disks.

RESOLVED!!!!!!!!!! :)

The solution was so stupid that I haven't tried for first...
I used only 1 of the 2 hd (in case of problems I would use the other...), I used dm-crypt, insert the passw, open the console, run xfs_repair... and mount... I recovered all the data!!!!! I'm Happy!!!! :)