Unencrypting a partition - cleanup

I’m trying to clear up the mess left when I tried experimenting with
encrypting a spare partition/filesystem with YaST.

Basically YaST threw up errors when I tried to encrypt a partition without
formatting it but on a retry (apparently) succeeded in formatting and
encrypting it together and gave me a /dev/mapper/cr_sdc1 entry (both without
mounting the partition).

I had to reboot to get the new partition available for mounting but it
seemed to be Ok but confused me by asking for a passphrase for cd_sdc1
during boot even though it wasn’t being mounted.

When I tried to unencrypt the partition YaST threw up enough wobblies that I
ended up having to reboot (mostly to clear a spurious mount and busy message
for the fs) and then formatted it directly from a terminal with mkfs.

I still have /dev/mapper/cr_sdc1 and keep getting asked for a passphrase for
it on boot.

Just to make life interesting the partition was /dev/sdc1 when I did this
because I had an external HDD connected at boot which went in as /dev/sda.
At the last boot the external USB wasn’t recognised so the partition I was
playing with is now at /dev/sdb1. YaST’s partitioner shows /dev/sdb1 as
encrypted. Attempting to mount /dev/sdb1 comes up with /dev/sdb1 already
mounted or the mountpoint is busy, umount says not mounted and fuser doesn’t
show any users.

Can I just delete /dev/mapper/cr_sdc1 without screwing up my system?

Alan
(openSUSE 11.2, KDE4.5)

Fudokai wrote:

> I’m trying to clear up the mess left when I tried experimenting with
> encrypting a spare partition/filesystem with YaST.
>
> Basically YaST threw up errors when I tried to encrypt a partition without
> formatting it but on a retry (apparently) succeeded in formatting and
> encrypting it together and gave me a /dev/mapper/cr_sdc1 entry (both
> without mounting the partition).
>
> I had to reboot to get the new partition available for mounting but it
> seemed to be Ok but confused me by asking for a passphrase for cd_sdc1
> during boot even though it wasn’t being mounted.
>
> When I tried to unencrypt the partition YaST threw up enough wobblies that
> I ended up having to reboot (mostly to clear a spurious mount and busy
> message for the fs) and then formatted it directly from a terminal with
> mkfs.
>
> I still have /dev/mapper/cr_sdc1 and keep getting asked for a passphrase
> for it on boot.
>
> Just to make life interesting the partition was /dev/sdc1 when I did this
> because I had an external HDD connected at boot which went in as /dev/sda.
> At the last boot the external USB wasn’t recognised so the partition I was
> playing with is now at /dev/sdb1. YaST’s partitioner shows /dev/sdb1 as
> encrypted. Attempting to mount /dev/sdb1 comes up with /dev/sdb1 already
> mounted or the mountpoint is busy, umount says not mounted and fuser
> doesn’t show any users.
>
> Can I just delete /dev/mapper/cr_sdc1 without screwing up my system?

Your description of what went wrong isn’t completely clear to me, so I can’t
help too much. I would however, suggest having a look at /etc/crypttab and
comment out/delete what you don’t need there.

Hope that helps.

Don

Don Raboud wrote:

> Fudokai wrote:
>
>> I’m trying to clear up the mess left when I tried experimenting with
>> encrypting a spare partition/filesystem with YaST.
>>
>> Basically YaST threw up errors when I tried to encrypt a partition
>> without formatting it but on a retry (apparently) succeeded in formatting
>> and encrypting it together and gave me a /dev/mapper/cr_sdc1 entry (both
>> without mounting the partition).
>>
>> I had to reboot to get the new partition available for mounting but it
>> seemed to be Ok but confused me by asking for a passphrase for cd_sdc1
>> during boot even though it wasn’t being mounted.
>>
>> When I tried to unencrypt the partition YaST threw up enough wobblies
>> that I ended up having to reboot (mostly to clear a spurious mount and
>> busy message for the fs) and then formatted it directly from a terminal
>> with mkfs.
>>
>> I still have /dev/mapper/cr_sdc1 and keep getting asked for a passphrase
>> for it on boot.
>>
>> Just to make life interesting the partition was /dev/sdc1 when I did this
>> because I had an external HDD connected at boot which went in as
>> /dev/sda. At the last boot the external USB wasn’t recognised so the
>> partition I was playing with is now at /dev/sdb1. YaST’s partitioner
>> shows /dev/sdb1 as encrypted. Attempting to mount /dev/sdb1 comes up with
>> /dev/sdb1 already mounted or the mountpoint is busy, umount says not
>> mounted and fuser doesn’t show any users.
>>
>> Can I just delete /dev/mapper/cr_sdc1 without screwing up my system?
>
> Your description of what went wrong isn’t completely clear to me, so I
> can’t
> help too much. I would however, suggest having a look at /etc/crypttab
> and comment out/delete what you don’t need there.
>
> Hope that helps.

Thanks

What went wrong confuses the hell out of me too but I’m just trying to get
the system back as it was before I started playing.

Next time I try this sort of thing I’ll use a vm - I wasn’t expecting YaST
to have problems adding encryption to an existing partition with a fs on it.

I’ll try commenting out the /dev/sdc1 entries in /etc/crypttab (there are 3
of them BTW).

I’ve still got a (apparently useless) /dev/mapper/cr_sdc1 entry - can I
delete that with impunity?

–
Alan

Fudokai wrote:

> Next time I try this sort of thing I’ll use a vm - I wasn’t expecting YaST
> to have problems adding encryption to an existing partition with a fs on
> it.

I’m pretty sure that doesn’t work. You would need to back up, create the
encrypted file system and then copy your data to that.

> I’ll try commenting out the /dev/sdc1 entries in /etc/crypttab (there are
> 3 of them BTW).
>
> I’ve still got a (apparently useless) /dev/mapper/cr_sdc1 entry - can I
> delete that with impunity?

Sure. try something like ‘sudo cryptsetup luksClose cr_sdc1’

/dev/mapper/<> gets created partially based on the contents of
/etc/crypttab, so if you get rid of it there as well it shouldn’t reappear.

–
Don

On 2010-10-16 15:20, Fudokai wrote:
> I’m trying to clear up the mess left when I tried experimenting with
> encrypting a spare partition/filesystem with YaST.
>
> Basically YaST threw up errors when I tried to encrypt a partition without
> formatting it but on a retry (apparently) succeeded in formatting and
> encrypting it together and gave me a /dev/mapper/cr_sdc1 entry (both without
> mounting the partition).

It fails often. I know.

> I had to reboot to get the new partition available for mounting but it
> seemed to be Ok but confused me by asking for a passphrase for cd_sdc1
> during boot even though it wasn’t being mounted.

You do not need to reboot.

> When I tried to unencrypt the partition YaST threw up enough wobblies that I
> ended up having to reboot (mostly to clear a spurious mount and busy message
> for the fs) and then formatted it directly from a terminal with mkfs.

Umount via rccrypto stop, then use the partitioner.

> I still have /dev/mapper/cr_sdc1 and keep getting asked for a passphrase for
> it on boot.
>
> Just to make life interesting the partition was /dev/sdc1 when I did this
> because I had an external HDD connected at boot which went in as /dev/sda.
> At the last boot the external USB wasn’t recognised so the partition I was
> playing with is now at /dev/sdb1. YaST’s partitioner shows /dev/sdb1 as
> encrypted. Attempting to mount /dev/sdb1 comes up with /dev/sdb1 already
> mounted or the mountpoint is busy, umount says not mounted and fuser doesn’t
> show any users.

Cute

>
> Can I just delete /dev/mapper/cr_sdc1 without screwing up my system?

Yes, but not via “rm”.

(Just for the record, yes, I understand all that happened >:-) )

First, there is a service (/etc/init.d/boot.crypto) that mounts during boot the encrypted partition
asking for the password. By the way, you simply had to enter the password to continue the login
procedure, I do not see the problem you had.

The process is controlled by entries on /etc/crypttab and /etc/fstab - respectively:

cr_sdc1 /dev/sdc1 none none

and:

/dev/mapper/cr_sdc1 /cripta ext4 noauto,nofail 1 3

If you want that it doesn’t ask on every boot, just change the first line:

cr_sdc1 /dev/sdc1 none noauto

If you want that it works even if the device changes position, use UUID or ID:

cr_sdc1 /dev/disk/by-id/SOMETHING-part1 none noauto

or

cr_sdc1 /dev/disk/by-uuid/OTHERSOMETHING none noauto

Then, to start it at will, just use “rccrypto start” (and stop, status, etc).

And to disable it completely, remove or comment out both lines (on the respective file).

Ah, by the way: it is not possible to change an existing partition to encrypt it - it has to be
recreated, destroying any contents. And viceversa.

Aything else, just ask

–
Cheers / Saludos,

Carlos E. R.
(from 11.2 x86_64 “Emerald” at Telcontar)