[prev in list] [next in list] [prev in thread] [next in thread] 

List:       linux-crypto-vger
Subject:    Re: how the key is generated?
From:       Milan Broz <mbroz () redhat ! com>
Date:       2010-01-27 8:21:01
Message-ID: 4B5FF76D.3080406 () redhat ! com
[Download RAW message or body]

On 01/27/2010 04:21 AM, Bai Shuwei wrote:
> On Tue, Jan 26, 2010 at 4:58 PM, Milan Broz <mbroz@redhat.com> wrote:
> I use "dmsetup table --showkeys" get the bellow information.
> 
> disk$ sudo dmsetup table --showkeys /dev/mapper/dsi0
> 0 2040 crypt aes-xts-plain
> 3131313131313131313131313131313131313131313131313131313131313131 0 7:0
> 2056
> 
> If i forget the passphase, can i use the above information/key to
> recovery my disk?

yes, if you know mapping table (iow: key, cipher and mode,
IV and device offset), you can map this device directly using dmsetup.
(try dmsetup create dsi0 --table "0 2040 crypt .... 7:0 2056")

Anyway, you can better backup LUKS header and use some other passphrase,
there is also volume_key project, which implements key escrow (for cryptsetup too).

Milan
--
To unsubscribe from this list: send the line "unsubscribe linux-crypto" in
the body of a message to majordomo@vger.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html
[prev in list] [next in list] [prev in thread] [next in thread]