Linux - SecurityThis forum is for all security related questions.
Questions, tips, system compromises, firewalls, etc. are all included here.
Notices
Welcome to LinuxQuestions.org, a friendly and active Linux Community.
You are currently viewing LQ as a guest. By joining our community you will have the ability to post topics, receive our newsletter, use the advanced search, subscribe to threads and access many other special features. Registration is quick, simple and absolutely free. Join our community today!
Note that registered members see fewer ads, and ContentLink is completely disabled once you log in.
If you have any problems with the registration process or your account login, please contact us. If you need to reset your password, click here.
Having a problem logging in? Please visit this page to clear all LQ-related cookies.
Get a virtual cloud desktop with the Linux distro that you want in less than five minutes with Shells! With over 10 pre-installed distros to choose from, the worry-free installation life is here! Whether you are a digital nomad or just looking for flexibility, Shells can put your Linux machine on the device that you want to use.
Exclusive for LQ members, get up to 45% off per month. Click here for more info.
To open an encrypted device, you need to specify the name of the encrypted device as the first parameter. You, however, specify random device names, some ofwhich don't even exist.
After the second to last command, the device is open and can be accessed as /dev/mapper/sda3_crypt.
I don't see what gparted tells you, but the device dorsn't contain partitions anyway.
Which passphrase are you using when you open those LUKS containers, your passphrase from the old system, or the one you used during the aborted installation? (I really hope you didn't use the same passphrase for both.)
That makes no sense whatsoever. There is no way those links should resolve to a directory inode. Let's trace the chain. What does "namei /dev/mapper/Live--OS--vg-root" report?
I don't see what gparted tells you, but the device dorsn't contain partitions anyway.
It's not clear to me what you want to achieve.
What GParted recently showed me is what it showed me in the image file of Comment #1 on page 1 of this thread.
I want to do anything I can to recover several folders of markdown files from with the encrypted system. If I had the money I would send it to a recovery service.
I haven't done a manual install of LUKS for about two years, to create a custom sized swap, and haven't thought about LUKS, volume groups, PVs, LVs or anything of the sort since then, until last week.
Yes, I am confused of things like the why "sda3_crypt" asked for and responds to a passphrase, yet "Live-OS-vg" does not, yet it is what shows up after opening "sda3_crypt".
Which passphrase are you using when you open those LUKS containers, your passphrase from the old system, or the one you used during the aborted installation? (I really hope you didn't use the same passphrase for both.)
That makes no sense whatsoever. There is no way those links should resolve to a directory inode. Let's trace the chain. What does "namei /dev/mapper/Live--OS--vg-root" report?
The passphrase from the aborted installation.
Code:
root@neon:~# namei /dev/mapper/Live--OS--vg-root
f: /dev/mapper/Live--OS--vg-root
d /
d dev
d mapper
l Live--OS--vg-root -> ../dm-1
d ..
b dm-1
root@neon:~#
haven't thought about LUKS, volume groups, PVs, LVs or anything of the sort since then, until last week.
Yes, I am confused of things like the why "sda3_crypt" asked for and responds to a passphrase, yet "Live-OS-vg" does not, yet it is what shows up after opening "sda3_crypt".
It's time to learn about LVM and LUKS, then. Plenty of introductory information is available.
Do you mean the disk was originally not encrypted? Then there are chances you can recover your data, especially if you are looking for text files.
If it was already encrypted before your accident, then you lost the master key, and no recovery service will be able to get the data back.
Do you mean the disk was originally not encrypted?
It was encrypted, I had just used the LUKS/LVM check box in the KDE Neon install step because I no longer needed a larger swap so I went with their default LUKS install.
As determined by your hexedit search, there is only one LUKS header present on the disk.
That header is unlocked by the passphrase from your aborted installation.
Thus, your original LUKS header no longer exists.
Without that original LUKS header, there is no possibility of recovering the master key that encrypts your old data. That data is forever unrecoverable.
BTW, could you briefly explain what was unusual about these reports?
Quote:
Originally Posted by rknichols
That makes no sense whatsoever. There is no way those links should resolve to a directory inode. Let's trace the chain. What does "namei /dev/mapper/Live--OS--vg-root" report?
root@neon:~# namei /dev/mapper/Live--OS--vg-root
f: /dev/mapper/Live--OS--vg-root
d /
d dev
d mapper
l Live--OS--vg-root -> ../dm-1
d ..
b dm-1
root@neon:~#
The target of the link /dev/mapper/Live--OS--vg-root is /dev/dm-1, which should be a block special device inode, not a directory. The file command should not be seeing a directory there. The output from "stat /dev/dm-1" might be interesting.
It really doesn't matter any more, since your needed LUKS header is gone.
LinuxQuestions.org is looking for people interested in writing
Editorials, Articles, Reviews, and more. If you'd like to contribute
content, let us know.