Results 1 to 7 of 7

Thread: [LEAP 15] Please Help, cannot mount encrypted home image

  1. #1

    Unhappy [LEAP 15] Please Help, cannot mount encrypted home image

    Hi I am in deep trouble. Something is broken and I cannot mount the encrypted home image anymore. The strange thing is that if Opensuse mounts it automatically at pass prompt it works. I normally use this command:
    Code:
    openssl aes-256-cbc -d -in /dir/some.key | cryptsetup luksOpen /dir/some.img "mount_point"
    this is not working anymore I type in the passphrase and it says the passphrase is invalid!! decryption error,etc.

    I am pretty sure what the passphrase is, because if I use the login shell and input the passphrase it works!! this is very strange.

    I need this command to work because if the encrypted image fails to mount because it has errors I cannot correct them anymore, because I cannot mount the image to check with fsck.

    thanks for reading.

  2. #2
    Join Date
    Jun 2008
    Location
    Netherlands
    Posts
    29,761

    Default Re: [LEAP 15] Please Help, cannot mount encrypted home image

    So you are testing Leap 15 and think you encountered a problem.

    Then please describe as exact as possible what you do, what happens and what you think that should happen. Not for helping you, bit for helping the developers so they can hopefully find a solution before Leap 15 is released.
    Henk van Velden

  3. #3

    Default Re: [LEAP 15] Please Help, cannot mount encrypted home image

    Ok, I have an encrypted home folder that is localized in /some_dir/home.img, it's actually an image of the home directory, when I set it up the first time everything was done in yast2 gui. The salt key is localized in /some_dir/home.key.
    Now everything works for me, but the problem is from time to time, fsck finds errors in the encrypted folder (actually an image) and I need to go to the rescue prompt as root, and mount it with that command
    Code:
    openssl aes-256-cbc -d -in /dir/some.key | cryptsetup luksOpen /dir/some.img "mount_point"
    (don't ask me what that command does I only now that worked many times before, the first time I encrypted this home image was with Opensuse 13.2, so with 42.1,42.2 and 42.3 it worked)
    Anyway I'm going to try mounting the encrypted image with a Live CD. I've read some ppl had this kind of trouble because their keyboard layout got messed up.

  4. #4

    Default Re: [LEAP 15] Please Help, cannot mount encrypted home image

    Quote Originally Posted by rocketbones View Post
    and I need to go to the rescue prompt as root, and mount it with that command
    Code:
    openssl aes-256-cbc -d -in /dir/some.key | cryptsetup luksOpen /dir/some.img "mount_point"
    (don't ask me what that command does I only now that worked many times before, the first time I encrypted this home image was with Opensuse 13.2, so with 42.1,42.2 and 42.3 it worked)
    this command is saying that the passphrase is invalid. No valid key file found with that passphrase.

  5. #5

    Default Re: [LEAP 15] Please Help, cannot mount encrypted home image

    I actually downgraded from Tumbleweed, normally I don't use tumbleweed. I started with 13.2 then Leap 42.0,42.1,42.2,42.3, then upgraded to Tumbleweed and now since it was the first alpha build jumped to Leap 15.0

  6. #6

    Default Re: [LEAP 15] Please Help, cannot mount encrypted home image

    luckily I was able to add a New Key slot with Luks using this guide https://www.thegeekstuff.com/2016/03...setup-lukskey/


    I will write down the relevants parts:

    dump the key with dmsetup

    Code:
    dmsetup table --showkeys 
    home1: 0 197259264 crypt aes-xts-plain64 607f482870c795a9b1e307ffbfc6643eaa219e9ef8c6773de02cd298c8fcda3c 0 8:17 4096
    your key is

    Code:
    607f482870c795a9b1e307ffbfc6643eaa219e9ef8c6773de02cd298c8fcda3c
    now write that key into a text file.
    luksdumpkey.txt with vim nano etc.


    now you need to create a binary file from the key

    Code:
    xxd -r -p luksdumpkey.txt luksdumpkey.bin
    Now finally you can add a New Key Slot with Luks
    Code:
    cryptsetup luksAddKey /dev/sdb1 --master-key-file <(cat luksdumpkey.bin)
    It will ask you for a completly new password so you don't need to enter the old one.

    Now I can finally mount the image (as root) to /dev/mapper with this command

    Code:
    cryptsetup --cipher aes-xts-plain64 luksOpen /dir/some.img "home"

  7. #7

    Default Re: [LEAP 15] Please Help, cannot mount encrypted home image

    just to clarify it's not mounting it's mapping to /dev/mapper

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •