Results 1 to 4 of 4

Thread: Overwrote losetup encrypted disk with LUKS header. How to restore data?

  1. #1

    Question Overwrote losetup encrypted disk with LUKS header. How to restore data?

    Hi all

    I'm in big trouble.
    During the installation openSUSE 11.4 i've accidentally overwritten my existing losetup encrypted ext3 disk with a LUKS header.
    I did not reformat the disk, just created a new encrypted partition in yast. My real intention was just to mount the encrypted disk, but i got kind of misleaded....

    Is there any way to get my data back?

    Cheers
    baburas

  2. #2
    Join Date
    Aug 2008
    Location
    Behind the 8 ball
    Posts
    116

    Default Re: Overwrote losetup encrypted disk with LUKS header. How to restore data?

    What system were you using before openSuse 11.4? I would try to rollback to that and try mounting the drive.
    Do you have a backup of this data?

    Good luck,
    Hiatt

  3. #3
    Join Date
    Feb 2009
    Location
    Spain
    Posts
    25,547

    Default Re: Overwrote losetup encrypted disk with LUKS header. How to restoredata?

    On 2011-03-21 16:06, baburas wrote:
    >
    > Hi all
    >
    > I'm in big trouble.
    > During the installation openSUSE 11.4 i've accidentally overwritten my
    > existing losetup encrypted ext3 disk with a LUKS header.
    > I did not reformat the disk, just created a new encrypted partition in
    > yast. My real intention was just to mount the encrypted disk, but i got
    > kind of misleaded....
    >
    > Is there any way to get my data back?


    Create an image of it somewhere with dd, then experiment.
    I have no idea if it is possible to recover the data, my guess is "no". You
    need an expert.

    --
    Cheers / Saludos,

    Carlos E. R.
    (from 11.2 x86_64 "Emerald" at Telcontar)

  4. #4

    Default Re: Overwrote losetup encrypted disk with LUKS header. How to restoredata?

    Finally i was able to get access to my data.

    First i had to find out what cipher has been used orginally for encrypting the disk.
    Then i could setup a loop device for my encrypted disk as follows:
    Code:
    losetup -e twofish256 -H sha512 /dev/loop0 /dev/sdb2
    With fsck i was able to repair the ext3 filesystem:
    Code:
    fsck.ext3 /dev/loop0
    fsck had automatically used an alternative superblock for fixing the filesystem.
    Now i can mount the filesystem again and so far i had not discovered any data loss on the disk.

    One open question remains. The LUKS header is still on the disk.
    When i execute
    Code:
    cryptosetup luksDump /dev/sdb2
    i still get the LUKS header information from the disk.

    I wonder how large is this header information? Does the header not affect the ext3 filesystem on the disk?

    Cheers
    baburas

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •