From owner-freebsd-geom@FreeBSD.ORG Sun Apr 4 15:42:36 2004 Return-Path: Delivered-To: freebsd-geom@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 77DB816A4CE for ; Sun, 4 Apr 2004 15:42:36 -0700 (PDT) Received: from ms-smtp-03.nyroc.rr.com (ms-smtp-03.nyroc.rr.com [24.24.2.57]) by mx1.FreeBSD.org (Postfix) with ESMTP id 179D743D2D for ; Sun, 4 Apr 2004 15:42:36 -0700 (PDT) (envelope-from mmarkows@twcny.rr.com) Received: from ms-mss-04 ([10.10.4.14])i34MgXVS018016 for ; Sun, 4 Apr 2004 18:42:33 -0400 (EDT) Received: from nyroc.rr.com (localhost [127.0.0.1]) by ms-mss-04.nyroc.rr.com (iPlanet Messaging Server 5.2 HotFix 1.21 (built Sep 8 2003)) with ESMTP id <0HVO00LID4EXJM@ms-mss-04.nyroc.rr.com> for freebsd-geom@freebsd.org; Sun, 04 Apr 2004 18:42:33 -0400 (EDT) Received: from [10.10.6.27] (Forwarded-For: [128.153.105.136]) by ms-mss-04.nyroc.rr.com (mshttpd); Sun, 04 Apr 2004 18:42:33 -0400 Date: Sun, 04 Apr 2004 18:42:33 -0400 From: mmarkows@twcny.rr.com To: freebsd-geom@freebsd.org Message-id: MIME-version: 1.0 X-Mailer: iPlanet Messenger Express 5.2 HotFix 1.21 (built Sep 8 2003) Content-type: text/plain; charset=us-ascii Content-language: en Content-transfer-encoding: 7BIT Content-disposition: inline X-Accept-Language: en Priority: normal X-Virus-Scanned: Symantec AntiVirus Scan Engine Subject: how ro recover encrypted slice X-BeenThere: freebsd-geom@freebsd.org X-Mailman-Version: 2.1.1 Precedence: list Reply-To: mmarkows@twcny.rr.com List-Id: GEOM-specific discussions and implementations List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sun, 04 Apr 2004 22:42:36 -0000 Hi, I mounted a GEOM-encrypted slice to /home2 and stored all my data there. Two days ago, I decided to update my FreeBSD from 5.2 to 5.2.1. I have done it several times before, so I felt self-assured. I backed up my config files, forgetting unfortunately about /etc/gbde/ad1s2. During the update procedure my system was messed up to the extent that it seemed reasonable to do a clean install of 5.2.1. I did it without saving /etc/gbde/ad1s2, and without touching the encrypted slice. Now, I am in a predicament because I cannot access my files that I need for my work tomorrow. I know that I messed up, but my last backup is 3 weeks old, and essentially it is no good any more. Is there any way to recover the data? I have 13 hours to do it. Thank you for your time. Maciej. From owner-freebsd-geom@FreeBSD.ORG Sun Apr 4 18:42:47 2004 Return-Path: Delivered-To: freebsd-geom@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 3F61016A4CE for ; Sun, 4 Apr 2004 18:42:47 -0700 (PDT) Received: from afields.ca (afields.ca [216.194.67.132]) by mx1.FreeBSD.org (Postfix) with ESMTP id C8A6443D5D for ; Sun, 4 Apr 2004 18:42:46 -0700 (PDT) (envelope-from afields@afields.ca) Received: from afields.ca (localhost.afields.ca [127.0.0.1]) by afields.ca (8.12.6/8.12.9) with ESMTP id i351gkSd020841; Sun, 4 Apr 2004 21:42:46 -0400 (EDT) (envelope-from afields@afields.ca) Received: (from afields@localhost) by afields.ca (8.12.6/8.12.9/Submit) id i351gkt3020840; Sun, 4 Apr 2004 21:42:46 -0400 (EDT) (envelope-from afields) Date: Sun, 4 Apr 2004 21:42:46 -0400 From: Allan Fields To: mmarkows@twcny.rr.com Message-ID: <20040405014246.GN93496@afields.ca> References: Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline In-Reply-To: User-Agent: Mutt/1.4i cc: freebsd-geom@freebsd.org Subject: Re: how ro recover encrypted slice X-BeenThere: freebsd-geom@freebsd.org X-Mailman-Version: 2.1.1 Precedence: list Reply-To: Allan Fields List-Id: GEOM-specific discussions and implementations List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Mon, 05 Apr 2004 01:42:47 -0000 On Sun, Apr 04, 2004 at 06:42:33PM -0400, mmarkows@twcny.rr.com wrote: > Hi, > > I mounted a GEOM-encrypted slice to /home2 and stored all my data there. Two days ago, I decided to update my FreeBSD from 5.2 to 5.2.1. I have done it several times before, so I felt self-assured. I backed up my config files, forgetting unfortunately about /etc/gbde/ad1s2. >From what you've stated it's clear that: a) You used a lock selector file (alternative is to use the first block of device) b) You've unlinked your lock file c) there has been the possibility you've over-written the blocks containing lock file data d) You know your master key still (this is good news) It's not clear what you did to initialize the device: a) filled it with random data (more secure/harder to bf) or not? b) what parameters if any you used while initializing GBDE device (I know this blurb isn't what your interested in hearing at this stage, but bear with me:) I would recommend in the future you keep a backup copy of the lock files and/or write down the provided lock sector addresses and possibly even store a backup of the master key in a safe location (if this meets your security requirements). An encrypted device brings with it risks that must be taken into account: your first question should be "do I have back-ups?" (Which could be encrypted for example with a different key or even a different system.) If you do, you can simply re-create the device, then restore from the backups. Right, so now, what can be done in your current situation? The best case is that you can still recover the lock file from your root slice or have a backup somewhere that you've forgotten about. Otherwise, you'll need to try to find the lock sectors on the device via brute force.. The gbde architecture is outlined in phk's gbde paper from BSDCon2003: if you haven't already taken a look at that paper, I would suggest you do now. Especially of interest is Section 7.2 about sector mapping. Basically you'd be searching the disk surface and it won't be something easy to do. Depending on how large your disk is, you need to find the lock sectors from the rest, which could take many hours or days even with the master key and it may require some intimate knowledge about the gbde code. (geom folks: feel free to correct me on anything I've mentioned, above.) > During the update procedure my system was messed up to the extent that it seemed reasonable to do a clean install of 5.2.1. I did it without saving /etc/gbde/ad1s2, and without touching the encrypted slice. > > Now, I am in a predicament because I cannot access my files that I need for my work tomorrow. I know that I messed up, but my last backup is 3 weeks old, and essentially it is no good any more. > > Is there any way to recover the data? I have 13 hours to do it. It's remotely possible you'll be able to get this data back, rushing definitely wont help you in these types of situations, you'll end up making more mistakes. Especially important is to keep the server down until you have resolved the problem and make a dump of your root partition or the whole disk in it's current state. If the server has to stay up, at least remount your root read-only for now and hope that you will be able to recover your lock selector file. > Thank you for your time. > > Maciej. Best of luck, -- Allan Fields _.^. ,_ ,. ._ . Afields Research/AFRSL - http://afields.ca <,'/-\/- /\'_| /_ BSDCan: May 2004, Ottawa - http://www.bsdcan.org `'|'====-=--- -- - `---- -- - From owner-freebsd-geom@FreeBSD.ORG Sun Apr 4 19:31:28 2004 Return-Path: Delivered-To: freebsd-geom@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 50D5416A4CE for ; Sun, 4 Apr 2004 19:31:28 -0700 (PDT) Received: from afields.ca (afields.ca [216.194.67.132]) by mx1.FreeBSD.org (Postfix) with ESMTP id 2299B43D55 for ; Sun, 4 Apr 2004 19:31:28 -0700 (PDT) (envelope-from afields@afields.ca) Received: from afields.ca (localhost.afields.ca [127.0.0.1]) by afields.ca (8.12.6/8.12.9) with ESMTP id i352VRSd021021; Sun, 4 Apr 2004 22:31:27 -0400 (EDT) (envelope-from afields@afields.ca) Received: (from afields@localhost) by afields.ca (8.12.6/8.12.9/Submit) id i352VRRt021020; Sun, 4 Apr 2004 22:31:27 -0400 (EDT) (envelope-from afields) Date: Sun, 4 Apr 2004 22:31:27 -0400 From: Allan Fields To: mmarkows@twcny.rr.com Message-ID: <20040405023127.GA20748@afields.ca> References: Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline In-Reply-To: User-Agent: Mutt/1.4i cc: freebsd-geom@freebsd.org Subject: Re: how ro recover encrypted slice X-BeenThere: freebsd-geom@freebsd.org X-Mailman-Version: 2.1.1 Precedence: list List-Id: GEOM-specific discussions and implementations List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Mon, 05 Apr 2004 02:31:28 -0000 On Sun, Apr 04, 2004 at 06:42:33PM -0400, mmarkows@twcny.rr.com wrote: > Now, I am in a predicament because I cannot access my files that I need for my work tomorrow. I know that I messed up, but my last backup is 3 weeks old, and essentially it is no good any more. > > Is there any way to recover the data? I have 13 hours to do it. Rather, to clarify: you could spend a _very_ long time on this: significantly more than a few days. Usually, time is not on your side when you're up against a crypto challenge and don't have lots of resources at your disposal. If you don't manage to get the lock-file back you might want to cut your losses and move on to plan B for the night. I'd be interested to hear how things work-out for you. > Thank you for your time. > Maciej. Regards, -- Allan Fields _.^. ,_ ,. ._ . Afields Research/AFRSL - http://afields.ca <,'/-\/- /\'_| /_ BSDCan: May 2004, Ottawa - http://www.bsdcan.org `'|'====-=--- -- - `---- -- - From owner-freebsd-geom@FreeBSD.ORG Mon Apr 5 00:21:23 2004 Return-Path: Delivered-To: freebsd-geom@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id B68FE16A4CE for ; Mon, 5 Apr 2004 00:21:23 -0700 (PDT) Received: from critter.freebsd.dk (0x50a171c6.naenxx7.adsl-dhcp.tele.dk [80.161.113.198]) by mx1.FreeBSD.org (Postfix) with ESMTP id 7496C43D39 for ; Mon, 5 Apr 2004 00:21:22 -0700 (PDT) (envelope-from phk@phk.freebsd.dk) Received: from critter.freebsd.dk (localhost [127.0.0.1]) by critter.freebsd.dk (8.12.11/8.12.11) with ESMTP id i357LJM9001789; Mon, 5 Apr 2004 09:21:19 +0200 (CEST) (envelope-from phk@phk.freebsd.dk) To: mmarkows@twcny.rr.com From: "Poul-Henning Kamp" In-Reply-To: Your message of "Sun, 04 Apr 2004 18:42:33 EDT." Date: Mon, 05 Apr 2004 09:21:19 +0200 Message-ID: <1788.1081149679@critter.freebsd.dk> cc: freebsd-geom@freebsd.org Subject: Re: how ro recover encrypted slice X-BeenThere: freebsd-geom@freebsd.org X-Mailman-Version: 2.1.1 Precedence: list List-Id: GEOM-specific discussions and implementations List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Mon, 05 Apr 2004 07:21:23 -0000 In message , mmarkows@twcny.rr.com writ es: >Hi, > >I mounted a GEOM-encrypted slice to /home2 and stored all my data there. Two days ago, I decided to update my FreeBSD from 5.2 to 5.2.1. I have done it several times before, so I felt self-assured. I backed up my config files, forgetting unfortunately about /etc/gbde/ad1s2. > >During the update procedure my system was messed up to the extent that it seemed reasonable to do a clean install of 5.2.1. I did it without saving /etc/gbde/ad1s2, and without touching the encrypted slice. > >Now, I am in a predicament because I cannot access my files that I need for my work tomorrow. I know that I messed up, but my last backup is 3 weeks old, and essentially it is no good any more. > >Is there any way to recover the data? I have 13 hours to do it. The data stored in the file you lost is only the encrypted location of the master key, so in theory you could do a brute force search for the master key. Unless your encrypted partition is of rather trivial size, this will take a lot of time. You will need to adapt the code from gbde(8) to do this, but that should be rather straight forward: simply try every single byte offset on the disk. -- Poul-Henning Kamp | UNIX since Zilog Zeus 3.20 phk@FreeBSD.ORG | TCP/IP since RFC 956 FreeBSD committer | BSD since 4.3-tahoe Never attribute to malice what can adequately be explained by incompetence. From owner-freebsd-geom@FreeBSD.ORG Mon Apr 5 02:35:19 2004 Return-Path: Delivered-To: freebsd-geom@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id AB02616A4CE for ; Mon, 5 Apr 2004 02:35:19 -0700 (PDT) Received: from hanoi.cronyx.ru (hanoi.cronyx.ru [144.206.181.53]) by mx1.FreeBSD.org (Postfix) with ESMTP id C054443D5C for ; Mon, 5 Apr 2004 02:35:18 -0700 (PDT) (envelope-from rik@cronyx.ru) Received: (from root@localhost) by hanoi.cronyx.ru id i359W7qt030040 for freebsd-geom@freebsd.org.checked; (8.12.8/vak/2.1) Mon, 5 Apr 2004 13:32:07 +0400 (MSD) (envelope-from rik@cronyx.ru) Received: from cronyx.ru (hi.cronyx.ru [144.206.181.94]) by hanoi.cronyx.ru with ESMTP id i359Ukgp029961 for ; (8.12.8/vak/2.1) Mon, 5 Apr 2004 13:30:46 +0400 (MSD) (envelope-from rik@cronyx.ru) Message-ID: <40712741.5020208@cronyx.ru> Date: Mon, 05 Apr 2004 13:30:41 +0400 From: Roman Kurakin User-Agent: Mozilla/5.0 (Windows; U; Windows NT 5.0; en-US; rv:1.6b) Gecko/20031208 X-Accept-Language: en-us, en MIME-Version: 1.0 To: freebsd-geom@freebsd.org Content-Type: text/plain; charset=KOI8-R; format=flowed Content-Transfer-Encoding: 7bit Subject: sysinstall X-BeenThere: freebsd-geom@freebsd.org X-Mailman-Version: 2.1.1 Precedence: list List-Id: GEOM-specific discussions and implementations List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Mon, 05 Apr 2004 09:35:19 -0000 Hi, If sysinstall detects wrong geometry, it tries to correct it and suggests to use G option to chage geometry if I disagree with it. But it doesn't allow to set whatever geometry I want with G. Is this intentional behaviour or it should be fixed. (in case it should be fixed I may send my solution of this problem). PS. While searching for other things, I repeatedly faced with threads about such problem, and if my memory does not fail, I saw pr about it. But now I can't find any prs and messages about this behaviour of sysinstall. So please take my apologies if I am opening already closed subject. Best regards, Roman Kurakin From owner-freebsd-geom@FreeBSD.ORG Mon Apr 5 09:21:29 2004 Return-Path: Delivered-To: freebsd-geom@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id A3B2016A4CE for ; Mon, 5 Apr 2004 09:21:29 -0700 (PDT) Received: from critter.freebsd.dk (critter.freebsd.dk [212.242.86.163]) by mx1.FreeBSD.org (Postfix) with ESMTP id F186743D48 for ; Mon, 5 Apr 2004 09:21:28 -0700 (PDT) (envelope-from phk@phk.freebsd.dk) Received: from critter.freebsd.dk (localhost [127.0.0.1]) by critter.freebsd.dk (8.12.11/8.12.11) with ESMTP id i35GLOCo002303; Mon, 5 Apr 2004 18:21:28 +0200 (CEST) (envelope-from phk@phk.freebsd.dk) To: Max Khon From: "Poul-Henning Kamp" In-Reply-To: Your message of "Mon, 05 Apr 2004 23:17:02 +0700." <20040405161702.GA29084@samodelkin.net> Date: Mon, 05 Apr 2004 18:21:24 +0200 Message-ID: <2302.1081182084@critter.freebsd.dk> cc: geom@freebsd.org Subject: Re: geom_ugz X-BeenThere: freebsd-geom@freebsd.org X-Mailman-Version: 2.1.1 Precedence: list List-Id: GEOM-specific discussions and implementations List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Mon, 05 Apr 2004 16:21:29 -0000 In message <20040405161702.GA29084@samodelkin.net>, Max Khon writes: >Hello! > >Several people asked if I will commit geom_ugz kernel module to >FreeBSD CVS tree. What is the policy for adding new geom classes? "go for it" is the closest we get to a policy. Some specific requests: 1. Put it in a subdir under src/sys/geom. 2. Please include a regressiontest in src/tools/regression[/geom]. 3. Module, manpage etc. If you want a review, then mail me where I can find the source and a couple of easy "how to" examples". -- Poul-Henning Kamp | UNIX since Zilog Zeus 3.20 phk@FreeBSD.ORG | TCP/IP since RFC 956 FreeBSD committer | BSD since 4.3-tahoe Never attribute to malice what can adequately be explained by incompetence. From owner-freebsd-geom@FreeBSD.ORG Mon Apr 5 09:33:45 2004 Return-Path: Delivered-To: freebsd-geom@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 076A916A4CE for ; Mon, 5 Apr 2004 09:33:45 -0700 (PDT) Received: from neo.samodelkin.net (samodelkin.net [81.176.202.194]) by mx1.FreeBSD.org (Postfix) with ESMTP id AF1B843D39 for ; Mon, 5 Apr 2004 09:33:44 -0700 (PDT) (envelope-from fjoe@neo.samodelkin.net) Received: by neo.samodelkin.net (Postfix, from userid 1000) id 1D5C456C; Mon, 5 Apr 2004 23:33:43 +0700 (NOVST) Date: Mon, 5 Apr 2004 23:33:42 +0700 From: Max Khon To: Poul-Henning Kamp Message-ID: <20040405163342.GB29084@samodelkin.net> References: <20040405161702.GA29084@samodelkin.net> <2302.1081182084@critter.freebsd.dk> Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline In-Reply-To: <2302.1081182084@critter.freebsd.dk> User-Agent: Mutt/1.4.2i cc: geom@freebsd.org Subject: Re: geom_ugz X-BeenThere: freebsd-geom@freebsd.org X-Mailman-Version: 2.1.1 Precedence: list List-Id: GEOM-specific discussions and implementations List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Mon, 05 Apr 2004 16:33:45 -0000 Hello! On Mon, Apr 05, 2004 at 06:21:24PM +0200, Poul-Henning Kamp wrote: > >Several people asked if I will commit geom_ugz kernel module to > >FreeBSD CVS tree. What is the policy for adding new geom classes? > > "go for it" is the closest we get to a policy. > > Some specific requests: > > 1. Put it in a subdir under src/sys/geom. > > 2. Please include a regressiontest in src/tools/regression[/geom]. Do I understand correctly that this regression test should not require anything from ports? I though about regression test and I need either makefs or mkisofs for it. > 3. Module, manpage etc. Got it! > If you want a review, then mail me where I can find the source and a > couple of easy "how to" examples". http://people.freebsd.org/~fjoe/geom_ugz/ Regards, /fjoe From owner-freebsd-geom@FreeBSD.ORG Mon Apr 5 09:38:52 2004 Return-Path: Delivered-To: freebsd-geom@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id A2F5216A4CE for ; Mon, 5 Apr 2004 09:38:52 -0700 (PDT) Received: from critter.freebsd.dk (critter.freebsd.dk [212.242.86.163]) by mx1.FreeBSD.org (Postfix) with ESMTP id 09FE243D2D for ; Mon, 5 Apr 2004 09:38:52 -0700 (PDT) (envelope-from phk@phk.freebsd.dk) Received: from critter.freebsd.dk (localhost [127.0.0.1]) by critter.freebsd.dk (8.12.11/8.12.11) with ESMTP id i35GcnBE002567; Mon, 5 Apr 2004 18:38:49 +0200 (CEST) (envelope-from phk@phk.freebsd.dk) To: Max Khon From: "Poul-Henning Kamp" In-Reply-To: Your message of "Mon, 05 Apr 2004 23:33:42 +0700." <20040405163342.GB29084@samodelkin.net> Date: Mon, 05 Apr 2004 18:38:49 +0200 Message-ID: <2566.1081183129@critter.freebsd.dk> cc: geom@freebsd.org Subject: Re: geom_ugz X-BeenThere: freebsd-geom@freebsd.org X-Mailman-Version: 2.1.1 Precedence: list List-Id: GEOM-specific discussions and implementations List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Mon, 05 Apr 2004 16:38:52 -0000 In message <20040405163342.GB29084@samodelkin.net>, Max Khon writes: >Hello! > >On Mon, Apr 05, 2004 at 06:21:24PM +0200, Poul-Henning Kamp wrote: > >> >Several people asked if I will commit geom_ugz kernel module to >> >FreeBSD CVS tree. What is the policy for adding new geom classes? >> >> "go for it" is the closest we get to a policy. >> >> Some specific requests: >> >> 1. Put it in a subdir under src/sys/geom. >> >> 2. Please include a regressiontest in src/tools/regression[/geom]. > >Do I understand correctly that this regression test should not require >anything from ports? I though about regression test and I need either >makefs or mkisofs for it. Create a really small compressed image, uuencode it and include it with your regression test. Alternatively, consider the XML format used by the geom regression tests. -- Poul-Henning Kamp | UNIX since Zilog Zeus 3.20 phk@FreeBSD.ORG | TCP/IP since RFC 956 FreeBSD committer | BSD since 4.3-tahoe Never attribute to malice what can adequately be explained by incompetence. From owner-freebsd-geom@FreeBSD.ORG Mon Apr 5 11:28:55 2004 Return-Path: Delivered-To: freebsd-geom@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 34E8F16A4CE for ; Mon, 5 Apr 2004 11:28:55 -0700 (PDT) Received: from mail6.speakeasy.net (mail6.speakeasy.net [216.254.0.206]) by mx1.FreeBSD.org (Postfix) with ESMTP id EEDEF43D41 for ; Mon, 5 Apr 2004 11:28:54 -0700 (PDT) (envelope-from jmg@hydrogen.funkthat.com) Received: (qmail 16841 invoked from network); 5 Apr 2004 18:28:54 -0000 Received: from dsl017-045-168.spk4.dsl.speakeasy.net (HELO hydrogen.funkthat.com) ([69.17.45.168]) (envelope-sender ) by mail6.speakeasy.net (qmail-ldap-1.03) with SMTP for ; 5 Apr 2004 18:28:54 -0000 Received: from hydrogen.funkthat.com (nmbcnc@localhost.funkthat.com [127.0.0.1])i35ISrOE011368; Mon, 5 Apr 2004 11:28:53 -0700 (PDT) (envelope-from jmg@hydrogen.funkthat.com) Received: (from jmg@localhost) by hydrogen.funkthat.com (8.12.10/8.12.10/Submit) id i35ISqDD011367; Mon, 5 Apr 2004 11:28:52 -0700 (PDT) Date: Mon, 5 Apr 2004 11:28:52 -0700 From: John-Mark Gurney To: Poul-Henning Kamp Message-ID: <20040405182852.GC567@funkthat.com> References: <1788.1081149679@critter.freebsd.dk> Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline In-Reply-To: <1788.1081149679@critter.freebsd.dk> User-Agent: Mutt/1.4.1i X-Operating-System: FreeBSD 4.2-RELEASE i386 X-PGP-Fingerprint: B7 EC EF F8 AE ED A7 31 96 7A 22 B3 D8 56 36 F4 X-Files: The truth is out there X-URL: http://resnet.uoregon.edu/~gurney_j/ X-Resume: http://resnet.uoregon.edu/~gurney_j/resume.html cc: mmarkows@twcny.rr.com cc: freebsd-geom@freebsd.org Subject: Re: how ro recover encrypted slice X-BeenThere: freebsd-geom@freebsd.org X-Mailman-Version: 2.1.1 Precedence: list Reply-To: John-Mark Gurney List-Id: GEOM-specific discussions and implementations List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Mon, 05 Apr 2004 18:28:55 -0000 Poul-Henning Kamp wrote this message on Mon, Apr 05, 2004 at 09:21 +0200: > In message , mmarkows@twcny.rr.com writ > es: > >I mounted a GEOM-encrypted slice to /home2 and stored all my data there. Two days ago, I decided to update my FreeBSD from 5.2 to 5.2.1. I have done it several times before, so I felt self-assured. I backed up my config files, forgetting unfortunately about /etc/gbde/ad1s2. > > > >During the update procedure my system was messed up to the extent that it seemed reasonable to do a clean install of 5.2.1. I did it without saving /etc/gbde/ad1s2, and without touching the encrypted slice. > > > >Now, I am in a predicament because I cannot access my files that I need for my work tomorrow. I know that I messed up, but my last backup is 3 weeks old, and essentially it is no good any more. > > > >Is there any way to recover the data? I have 13 hours to do it. > > The data stored in the file you lost is only the encrypted location of > the master key, so in theory you could do a brute force search for the > master key. Doesn't this mean he can restore from his 3 week old backup of /etc/gbde/ad1s2, and then get back to bussiness? I assume that his backup covered /etc... and that /etc/gbde/ad1s2 doesn't change over time... -- John-Mark Gurney Voice: +1 415 225 5579 "All that I will do, has been done, All that I have, has not." From owner-freebsd-geom@FreeBSD.ORG Mon Apr 5 11:38:21 2004 Return-Path: Delivered-To: freebsd-geom@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 3175C16A4CE for ; Mon, 5 Apr 2004 11:38:21 -0700 (PDT) Received: from critter.freebsd.dk (critter.freebsd.dk [212.242.86.163]) by mx1.FreeBSD.org (Postfix) with ESMTP id 8F66143D55 for ; Mon, 5 Apr 2004 11:38:20 -0700 (PDT) (envelope-from phk@phk.freebsd.dk) Received: from critter.freebsd.dk (localhost [127.0.0.1]) by critter.freebsd.dk (8.12.11/8.12.11) with ESMTP id i35IcEPW003551; Mon, 5 Apr 2004 20:38:14 +0200 (CEST) (envelope-from phk@phk.freebsd.dk) To: John-Mark Gurney From: "Poul-Henning Kamp" In-Reply-To: Your message of "Mon, 05 Apr 2004 11:28:52 PDT." <20040405182852.GC567@funkthat.com> Date: Mon, 05 Apr 2004 20:38:14 +0200 Message-ID: <3550.1081190294@critter.freebsd.dk> cc: mmarkows@twcny.rr.com cc: freebsd-geom@freebsd.org Subject: Re: how ro recover encrypted slice X-BeenThere: freebsd-geom@freebsd.org X-Mailman-Version: 2.1.1 Precedence: list List-Id: GEOM-specific discussions and implementations List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Mon, 05 Apr 2004 18:38:21 -0000 In message <20040405182852.GC567@funkthat.com>, John-Mark Gurney writes: >Poul-Henning Kamp wrote this message on Mon, Apr 05, 2004 at 09:21 +0200: >> In message , mmarkows@twcny.rr.com writ >> es: >> >I mounted a GEOM-encrypted slice to /home2 and stored all my data there. Two days ago, I decided to update my FreeBSD from 5.2 to 5.2.1. I have done it several times before, so I felt self-assured. I backed up my config files, forgetting unfortunately about /etc/gbde/ad1s2. >> > >> >During the update procedure my system was messed up to the extent that it seemed reasonable to do a clean install of 5.2.1. I did it without saving /etc/gbde/ad1s2, and without touching the encrypted slice. >> > >> >Now, I am in a predicament because I cannot access my files that I need for my work tomorrow. I know that I messed up, but my last backup is 3 weeks old, and essentially it is no good any more. >> > >> >Is there any way to recover the data? I have 13 hours to do it. >> >> The data stored in the file you lost is only the encrypted location of >> the master key, so in theory you could do a brute force search for the >> master key. > >Doesn't this mean he can restore from his 3 week old backup of >/etc/gbde/ad1s2, and then get back to bussiness? I assume that his >backup covered /etc... and that /etc/gbde/ad1s2 doesn't change over >time... Provided you have not changed the password on your GBDE partition in the meantime: yes, you can do that. -- Poul-Henning Kamp | UNIX since Zilog Zeus 3.20 phk@FreeBSD.ORG | TCP/IP since RFC 956 FreeBSD committer | BSD since 4.3-tahoe Never attribute to malice what can adequately be explained by incompetence. From owner-freebsd-geom@FreeBSD.ORG Tue Apr 6 11:37:42 2004 Return-Path: Delivered-To: freebsd-geom@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 7016616A4CE for ; Tue, 6 Apr 2004 11:37:42 -0700 (PDT) Received: from bremen.shuttle.de (bremen.shuttle.de [194.95.249.251]) by mx1.FreeBSD.org (Postfix) with ESMTP id 3AF9B43D2D for ; Tue, 6 Apr 2004 11:37:42 -0700 (PDT) (envelope-from schweikh@schweikhardt.net) Received: by bremen.shuttle.de (Postfix, from userid 10) id 4FB4E3BF53; Tue, 6 Apr 2004 20:36:31 +0200 (CEST) Received: from hal9000.schweikhardt.net (localhost [127.0.0.1]) i36IaNZw017604 for ; Tue, 6 Apr 2004 20:36:23 +0200 (CEST) (envelope-from schweikh@hal9000.schweikhardt.net) Received: (from schweikh@localhost) by hal9000.schweikhardt.net (8.12.11/8.12.11/Submit) id i36IaNkJ017603 for geom@freebsd.org; Tue, 6 Apr 2004 20:36:23 +0200 (CEST) (envelope-from schweikh) Date: Tue, 6 Apr 2004 20:36:23 +0200 From: Jens Schweikhardt To: geom@freebsd.org Message-ID: <20040406183623.GA17430@schweikhardt.net> Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline User-Agent: Mutt/1.5.6i Subject: GEOM and grub X-BeenThere: freebsd-geom@freebsd.org X-Mailman-Version: 2.1.1 Precedence: list List-Id: GEOM-specific discussions and implementations List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 06 Apr 2004 18:37:42 -0000 Hello *, it appears GEOM prevents grub from mucking with the MBR and/or the next 15 or so sectors where it wants to write stage1 and/or stage1_5 (grub reports failed write attempts). Is there any way to let grub do its magic (other than installing 4.X without geom, patching grub, booting a 4.X fixit CD)? I want rope to shoot my foot!!!1! :-) Regards, Jens -- Jens Schweikhardt http://www.schweikhardt.net/ SIGSIG -- signature too long (core dumped) From owner-freebsd-geom@FreeBSD.ORG Tue Apr 6 11:43:49 2004 Return-Path: Delivered-To: freebsd-geom@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 6173316A4CE for ; Tue, 6 Apr 2004 11:43:49 -0700 (PDT) Received: from critter.freebsd.dk (critter.freebsd.dk [212.242.86.163]) by mx1.FreeBSD.org (Postfix) with ESMTP id 868BC43D45 for ; Tue, 6 Apr 2004 11:43:48 -0700 (PDT) (envelope-from phk@phk.freebsd.dk) Received: from critter.freebsd.dk (localhost [127.0.0.1]) by critter.freebsd.dk (8.12.11/8.12.11) with ESMTP id i36Ih5NN011439; Tue, 6 Apr 2004 20:43:10 +0200 (CEST) (envelope-from phk@phk.freebsd.dk) To: Jens Schweikhardt From: "Poul-Henning Kamp" In-Reply-To: Your message of "Tue, 06 Apr 2004 20:36:23 +0200." <20040406183623.GA17430@schweikhardt.net> Date: Tue, 06 Apr 2004 20:43:05 +0200 Message-ID: <11438.1081276985@critter.freebsd.dk> cc: geom@freebsd.org Subject: Re: GEOM and grub X-BeenThere: freebsd-geom@freebsd.org X-Mailman-Version: 2.1.1 Precedence: list List-Id: GEOM-specific discussions and implementations List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 06 Apr 2004 18:43:49 -0000 In message <20040406183623.GA17430@schweikhardt.net>, Jens Schweikhardt writes: >Hello *, > >it appears GEOM prevents grub from mucking with the MBR and/or the next >15 or so sectors where it wants to write stage1 and/or stage1_5 (grub >reports failed write attempts). > >Is there any way to let grub do its magic (other than installing 4.X >without geom, patching grub, booting a 4.X fixit CD)? I want rope >to shoot my foot!!!1! :-) sysctl kern.geom.debugflags=16 will allow you to write to the full disk even if it is open. -- Poul-Henning Kamp | UNIX since Zilog Zeus 3.20 phk@FreeBSD.ORG | TCP/IP since RFC 956 FreeBSD committer | BSD since 4.3-tahoe Never attribute to malice what can adequately be explained by incompetence. From owner-freebsd-geom@FreeBSD.ORG Tue Apr 6 11:46:51 2004 Return-Path: Delivered-To: freebsd-geom@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id AC99116A4CE for ; Tue, 6 Apr 2004 11:46:51 -0700 (PDT) Received: from mailbox.univie.ac.at (mailbox.univie.ac.at [131.130.1.27]) by mx1.FreeBSD.org (Postfix) with ESMTP id 1E31643D1F for ; Tue, 6 Apr 2004 11:46:51 -0700 (PDT) (envelope-from le@FreeBSD.org) Received: from wireless (adslle.cc.univie.ac.at [131.130.102.11]) i36IjILc1106164; Tue, 6 Apr 2004 20:45:19 +0200 Date: Tue, 6 Apr 2004 20:45:20 +0200 (CEST) From: Lukas Ertl To: Jens Schweikhardt In-Reply-To: <20040406183623.GA17430@schweikhardt.net> Message-ID: <20040406204455.L631@korben> References: <20040406183623.GA17430@schweikhardt.net> MIME-Version: 1.0 Content-Type: TEXT/PLAIN; charset=US-ASCII X-DCC-ZID-Univie-Metrics: imap 4244; Body=0 Fuz1=0 Fuz2=0 cc: geom@FreeBSD.org Subject: Re: GEOM and grub X-BeenThere: freebsd-geom@freebsd.org X-Mailman-Version: 2.1.1 Precedence: list List-Id: GEOM-specific discussions and implementations List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 06 Apr 2004 18:46:51 -0000 On Tue, 6 Apr 2004, Jens Schweikhardt wrote: > Hello *, > > it appears GEOM prevents grub from mucking with the MBR and/or the next > 15 or so sectors where it wants to write stage1 and/or stage1_5 (grub > reports failed write attempts). > > Is there any way to let grub do its magic (other than installing 4.X > without geom, patching grub, booting a 4.X fixit CD)? I want rope > to shoot my foot!!!1! :-) Setting kern.geom.debugflags=16 should allow some foot shooting. cheers, le -- Lukas Ertl http://mailbox.univie.ac.at/~le/ le@FreeBSD.org http://people.freebsd.org/~le/ From owner-freebsd-geom@FreeBSD.ORG Tue Apr 6 12:23:22 2004 Return-Path: Delivered-To: freebsd-geom@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 293EC16A4CE for ; Tue, 6 Apr 2004 12:23:22 -0700 (PDT) Received: from darkness.comp.waw.pl (darkness.comp.waw.pl [195.117.238.236]) by mx1.FreeBSD.org (Postfix) with ESMTP id B6C4A43D54 for ; Tue, 6 Apr 2004 12:23:21 -0700 (PDT) (envelope-from pjd@darkness.comp.waw.pl) Received: by darkness.comp.waw.pl (Postfix, from userid 1009) id 6B569ACADB; Tue, 6 Apr 2004 20:44:47 +0200 (CEST) Date: Tue, 6 Apr 2004 20:44:47 +0200 From: Pawel Jakub Dawidek To: Jens Schweikhardt Message-ID: <20040406184447.GB661@darkness.comp.waw.pl> References: <20040406183623.GA17430@schweikhardt.net> Mime-Version: 1.0 Content-Type: multipart/signed; micalg=pgp-sha1; protocol="application/pgp-signature"; boundary="4bRzO86E/ozDv8r1" Content-Disposition: inline In-Reply-To: <20040406183623.GA17430@schweikhardt.net> User-Agent: Mutt/1.4.2i X-PGP-Key-URL: http://people.freebsd.org/~pjd/pjd.asc X-OS: FreeBSD 5.2.1-RC2 i386 cc: geom@freebsd.org Subject: Re: GEOM and grub X-BeenThere: freebsd-geom@freebsd.org X-Mailman-Version: 2.1.1 Precedence: list List-Id: GEOM-specific discussions and implementations List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 06 Apr 2004 19:23:22 -0000 --4bRzO86E/ozDv8r1 Content-Type: text/plain; charset=iso-8859-2 Content-Disposition: inline Content-Transfer-Encoding: quoted-printable On Tue, Apr 06, 2004 at 08:36:23PM +0200, Jens Schweikhardt wrote: +> Hello *, +>=20 +> it appears GEOM prevents grub from mucking with the MBR and/or the next +> 15 or so sectors where it wants to write stage1 and/or stage1_5 (grub +> reports failed write attempts). +>=20 +> Is there any way to let grub do its magic (other than installing 4.X +> without geom, patching grub, booting a 4.X fixit CD)? I want rope +> to shoot my foot!!!1! :-) # sysctl kern.geom.debugflags=3D16 It gives you _exactly_ what you want. --=20 Pawel Jakub Dawidek http://www.FreeBSD.org pjd@FreeBSD.org http://garage.freebsd.pl FreeBSD committer Am I Evil? Yes, I Am! --4bRzO86E/ozDv8r1 Content-Type: application/pgp-signature Content-Disposition: inline -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.2.4 (FreeBSD) iD8DBQFAcvqfForvXbEpPzQRAq/lAJ4kzHYxkEvACiifJfl6oNi8N9o6twCeIVvO bHQmIvIVlRel2BnLWVfwh4g= =Ok2M -----END PGP SIGNATURE----- --4bRzO86E/ozDv8r1-- From owner-freebsd-geom@FreeBSD.ORG Tue Apr 6 12:23:22 2004 Return-Path: Delivered-To: freebsd-geom@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id DEB5E16A4CE for ; Tue, 6 Apr 2004 12:23:22 -0700 (PDT) Received: from darkness.comp.waw.pl (darkness.comp.waw.pl [195.117.238.236]) by mx1.FreeBSD.org (Postfix) with ESMTP id 90F7143D45 for ; Tue, 6 Apr 2004 12:23:22 -0700 (PDT) (envelope-from pjd@darkness.comp.waw.pl) Received: by darkness.comp.waw.pl (Postfix, from userid 1009) id 1328CACAEE; Tue, 6 Apr 2004 20:47:01 +0200 (CEST) Date: Tue, 6 Apr 2004 20:47:01 +0200 From: Pawel Jakub Dawidek To: Poul-Henning Kamp Message-ID: <20040406184701.GC661@darkness.comp.waw.pl> References: <20040406183623.GA17430@schweikhardt.net> <11438.1081276985@critter.freebsd.dk> Mime-Version: 1.0 Content-Type: multipart/signed; micalg=pgp-sha1; protocol="application/pgp-signature"; boundary="Qbvjkv9qwOGw/5Fx" Content-Disposition: inline In-Reply-To: <11438.1081276985@critter.freebsd.dk> User-Agent: Mutt/1.4.2i X-PGP-Key-URL: http://people.freebsd.org/~pjd/pjd.asc X-OS: FreeBSD 5.2.1-RC2 i386 cc: geom@freebsd.org cc: Jens Schweikhardt Subject: Re: GEOM and grub X-BeenThere: freebsd-geom@freebsd.org X-Mailman-Version: 2.1.1 Precedence: list List-Id: GEOM-specific discussions and implementations List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 06 Apr 2004 19:23:23 -0000 --Qbvjkv9qwOGw/5Fx Content-Type: text/plain; charset=iso-8859-2 Content-Disposition: inline Content-Transfer-Encoding: quoted-printable On Tue, Apr 06, 2004 at 08:43:05PM +0200, Poul-Henning Kamp wrote: +> In message <20040406183623.GA17430@schweikhardt.net>, Jens Schweikhardt = writes: +> >Hello *, +> > +> >it appears GEOM prevents grub from mucking with the MBR and/or the next +> >15 or so sectors where it wants to write stage1 and/or stage1_5 (grub +> >reports failed write attempts). +> > +> >Is there any way to let grub do its magic (other than installing 4.X +> >without geom, patching grub, booting a 4.X fixit CD)? I want rope +> >to shoot my foot!!!1! :-) +>=20 +> sysctl kern.geom.debugflags=3D16 +>=20 +> will allow you to write to the full disk even if it is open. Do I said: THANK YOU! already?:) I was trying to create new file system, and instead of doing: # newfs -O2 /dev/ad0s2 I did: # newfs -O2 /dev/ad2 very important data for me were there, but geom_slice saved my ass: newfs: /dev/ad2: failed to open disk for writing :) --=20 Pawel Jakub Dawidek http://www.FreeBSD.org pjd@FreeBSD.org http://garage.freebsd.pl FreeBSD committer Am I Evil? Yes, I Am! --Qbvjkv9qwOGw/5Fx Content-Type: application/pgp-signature Content-Disposition: inline -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.2.4 (FreeBSD) iD8DBQFAcvslForvXbEpPzQRAtzOAJ4j+hl4ZMGbi9YyPHrTFYr/RSC7+wCeOGAB fElXTr/C0W748f+kv9H/zYw= =/3Bf -----END PGP SIGNATURE----- --Qbvjkv9qwOGw/5Fx-- From owner-freebsd-geom@FreeBSD.ORG Sat Apr 10 14:22:33 2004 Return-Path: Delivered-To: freebsd-geom@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 63C9416A4CE for ; Sat, 10 Apr 2004 14:22:33 -0700 (PDT) Received: from hanoi.cronyx.ru (hanoi.cronyx.ru [144.206.181.53]) by mx1.FreeBSD.org (Postfix) with ESMTP id A659943D53 for ; Sat, 10 Apr 2004 14:22:32 -0700 (PDT) (envelope-from rik@cronyx.ru) Received: (from root@localhost) by hanoi.cronyx.ru id i3ALK1AW054243 for freebsd-geom@freebsd.org.checked; (8.12.8/vak/2.1) Sun, 11 Apr 2004 01:20:01 +0400 (MSD) (envelope-from rik@cronyx.ru) Received: from cronyx.ru (rik.cronyx.ru [172.22.4.1]) by hanoi.cronyx.ru with ESMTP id i3ALI4Lo054172; (8.12.8/vak/2.1) Sun, 11 Apr 2004 01:18:05 +0400 (MSD) (envelope-from rik@cronyx.ru) Message-ID: <407866A3.5060905@cronyx.ru> Date: Sun, 11 Apr 2004 01:26:59 +0400 From: Roman Kurakin User-Agent: Mozilla/5.0 (X11; U; Linux i686; en-US; rv:1.0.0) Gecko/20020610 X-Accept-Language: en-us, en MIME-Version: 1.0 To: Roman Kurakin References: <40712741.5020208@cronyx.ru> Content-Type: text/plain; charset=KOI8-R; format=flowed Content-Transfer-Encoding: 7bit cc: freebsd-geom@freebsd.org Subject: Re: sysinstall X-BeenThere: freebsd-geom@freebsd.org X-Mailman-Version: 2.1.1 Precedence: list List-Id: GEOM-specific discussions and implementations List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sat, 10 Apr 2004 21:22:33 -0000 Can somebody comment this to let me close this subject for myself. Thanks. rik Roman Kurakin wrote: > Hi, > > If sysinstall detects wrong geometry, it tries to correct it and > suggests > to use G option to chage geometry if I disagree with it. But it > doesn't allow > to set whatever geometry I want with G. Is this intentional behaviour > or it > should be fixed. (in case it should be fixed I may send my solution > of this > problem). > > PS. While searching for other things, I repeatedly faced with threads > about > such problem, and if my memory does not fail, I saw pr about it. But > now I > can't find any prs and messages about this behaviour of sysinstall. So > please > take my apologies if I am opening already closed subject. > > Best regards, > Roman Kurakin > > > > > _______________________________________________ > freebsd-geom@freebsd.org mailing list > http://lists.freebsd.org/mailman/listinfo/freebsd-geom > To unsubscribe, send any mail to "freebsd-geom-unsubscribe@freebsd.org" > >