LinuxQuestions.org - recover encrypted filesystem

- Linux - Newbie (https://www.linuxquestions.org/questions/linux-newbie-8/)

- - recover encrypted filesystem (https://www.linuxquestions.org/questions/linux-newbie-8/recover-encrypted-filesystem-868138/)

aggrishabh

03-12-2011 09:52 AM

recover encrypted filesystem

Hi All,

I recently install RHEL5.5 and as a experiment encrypt the root file system at the time of installation. now at the time of booting it ask for the pass phrase which i gave at the time of installation. now the issue is i completely remember the pass phrase but OS is not validating this. please help me in recover it or any idea to hack/bypass this thing.

Thanks in advance.

TB0ne

03-12-2011 10:12 AM

Quote:

Originally Posted by aggrishabh (Post 4288111)

Hi All,
I recently install RHEL5.5 and as a experiment encrypt the root file system at the time of installation. now at the time of booting it ask for the pass phrase which i gave at the time of installation. now the issue is i completely remember the pass phrase but OS is not validating this. please help me in recover it or any idea to hack/bypass this thing.
Thanks in advance.

Sorry, you cannot 'hack' or bypass this. Would be fairly pointless if you COULD. The only thing that would prevent you from reading your partition, would be that you're putting in the wrong passphrase.

Since you're using RHEL, you can contact RedHat support, since you're paying for it with your RHEL subscription. They may have some idea with the product that they ship.

jschiwal

03-12-2011 10:24 AM

Try booting using a live distro. See if you can unlock the partition manually (with the passphrase of course)

cryptsetup luksOpen <device> cr_<device>

If this is successful, use "file -s /dev/mapper/cr_<device>" to see what the partition is.

Yours isn't the first message about this. You seem to have LVM over Luks. I think I have read somewhere that this may be asking for trouble, but can't find where I read that.

After decrypting the device, use the LVM related programs so you end up with logical device nodes.
If the LVM exists. try vgmknodes to create new nodes and delete stale ones.

TB0ne

03-12-2011 02:18 PM

Good one...I must remember that. I've not played with LVM's except for Veritas on SAN's, just because I think they're overkill for a stand-alone workstation/server. These days, it's unlikely you'd need to add a ton of disk space to a volume, since drive storage is so cheap.

Just got a 750GB drive for my laptop for $59...don't think I'll need to be extending any partitions anytime soon. :)

colucix

03-13-2011 12:03 PM

@aggrishabh: as already pointed out by TB0ne if you could easily bypass the disk encryption it would be fairly pointless. Furthermore if someone would be able to give advice in this sense, it would be against the LQ rules and philosophy. Indeed, despite the good intentions, this kind of information might be used in a malicious way.

Said that, you have already received two good advices:
1. contact the Red Hat's support if you have a valid subscription
2. try to unlock the encrypted partition manually through a live CD, using the given passphrase.

Please, update us on your progresses.

colucix

03-16-2011 03:39 AM

Since the OP did not reply in the past 60 hours, thread closed.

All times are GMT -5. The time now is 04:33 PM.