From owner-freebsd-geom@FreeBSD.ORG Thu Jan 25 11:48:35 2007
Date: Thu, 25 Jan 2007 12:47:42 +0100
From: Pawel Jakub Dawidek
To: Thomas Nickl
Cc: freebsd-geom@freebsd.org
Subject: Re: GELI: change keyfile to passphrase
Message-ID: <20070125114742.GA27181@garage.freebsd.pl>
In-Reply-To: <45B69DE3.1050407@gmx.net>
List-Id: GEOM-specific discussions and implementations
On Wed, Jan 24, 2007 at 12:44:35AM +0100, Thomas Nickl wrote:
> Hi,
> 
> I know a way to destroy your geli partition without knowing ;) :
> 
> dd if=/dev/random of=/tmp/keyfile count=1 bs=128
> geli init -s 4096 -b -P -K /tmp/keyfile /dev/md9
> geli attach -p -k /tmp/keyfile /dev/md9
> geli setkey -n 0 /dev/md9
> 
> geli detach /dev/md9
> geli attach /dev/md9
> > Missing -p flag.
> geli attach -p /dev/md9
> > No key components given.
> geli attach -p -k /tmp/keyfile /dev/md9
> > Wrong key for md9.
> 
> Replacing the setkey line with
> geli setkey -n 0 -p -k /tmp/keyfile /dev/md9
> doesn't help.
> 
> HOWEVER,
> geli detach /dev/md9
> and then
> geli setkey -n 0 -p -k /tmp/keyfile /dev/md9
> works as designed ("geli attach /dev/md9" now asks for a passphrase)
> 
> So I can recommend: never set a key with an attached media.
> 
> I have "FreeBSD washu 6.1-RELEASE FreeBSD 6.1-RELEASE #0: Sun May  7 04:42:56 UTC 2006 root@opus.cse.buffalo.edu:/usr/obj/usr/src/sys/SMP i386".

This was a bug, which is fixed in the following revisions:

	src/sbin/geom/class/eli/geom_eli.c	1.19
	src/sbin/geom/misc/subr.c	1.7
	src/sbin/geom/misc/subr.h	1.8

The explanation from the commit log:

	When the following conditions are met:
	- First configured key is based only on keyfile (no passphrase).
	- Device is attached.
	- User changes first key (setkey) from keyfile to passphrase and doesn't
	  specify number of iterations (with -i option).
	...geli(8) won't store calculated number of iterations in metadata.
	This results in the device being inaccessible after detach.

	One can recover from this situation by guessing number of iterations
	generated, storing it in metadata and trying to attach device.
	Recovery procedure isn't nice, but one's data is not lost.

PS. Just to clarify. This bug doesn't affect geli(8) security in any way.
It affects only data availability and it is possible to recover data.

Thank you for your report!

-- 
Pawel Jakub Dawidek                       http://www.wheel.pl
pjd@FreeBSD.org                           http://www.FreeBSD.org
FreeBSD committer                         Am I Evil? Yes, I Am!
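The following is an added illustration, not code from this thread or from geli(8) itself. It models the three conditions in the commit log (keyfile-only first key, device attached, setkey to a passphrase without -i), shows why a metadata record with a zero iteration count is unattachable both with and without the passphrase, and carries out the recovery the commit log describes: guess the iteration count, store it, try to attach. Everything here is a simplified stand-in: the key derivation, the XOR "wrap" and the metadata fields are constructed for the demo and are not geli's real PKCS#5v2/HMAC-SHA512 scheme or its on-disk layout; the salt, master key, keyfile, passphrase and the 1000..1100 iteration band are constructed constants. The point Pawel makes in his PS is visible in `recover`: the search only helps someone who already holds the correct passphrase, so the bug costs availability, not confidentiality.

```python
"""Model of the geli(8) setkey/iterations bug discussed above.

Constructed illustration: the key derivation, wrapping and metadata layout are
simplified stand-ins, NOT geli's real PKCS#5v2/HMAC-SHA512 scheme or on-disk format.
"""
import hashlib
import hmac
import secrets
from dataclasses import dataclass, replace

SALT = b"constructed-salt"                  # geli stores a random per-provider salt
MASTER_KEY = bytes(range(32))               # constructed 256-bit master key
KEYFILE = b"constructed keyfile contents"   # stands in for /tmp/keyfile
PASSPHRASE = b"correct horse battery"       # constructed passphrase


@dataclass(frozen=True)
class Metadata:
    """Only the metadata fields that matter here (model, not geli's layout)."""
    iterations: int      # 0 means "no passphrase component" (geli's md_iterations)
    wrapped_mkey: bytes  # master key encrypted under the user key
    mac: bytes           # lets attach tell a wrong key from a right one


def calculate_iterations() -> int:
    """When -i is absent geli times PBKDF2 to pick a count; modelled here as a
    random value in a narrow band (assumption) so the recovery search stays fast."""
    return 1000 + secrets.randbelow(100)


def derive_user_key(passphrase, keyfile, iterations) -> bytes:
    """Fold the keyfile and/or passphrase components into one user key (model)."""
    parts = b""
    if keyfile is not None:
        parts += hmac.new(b"keyfile-component", keyfile, hashlib.sha256).digest()
    if passphrase is not None:
        if iterations <= 0:
            raise ValueError("passphrase given but no iteration count in metadata")
        parts += hashlib.pbkdf2_hmac("sha256", passphrase, SALT, iterations)
    return hashlib.sha256(parts).digest()


def _wrap(mkey: bytes, ukey: bytes) -> bytes:
    """Toy XOR wrap (geli uses a real cipher); XOR with the same pad unwraps."""
    pad = hashlib.sha256(b"wrap" + ukey).digest()
    return bytes(a ^ b for a, b in zip(mkey, pad))


def _write_key(passphrase, keyfile, iterations, store_iterations) -> Metadata:
    ukey = derive_user_key(passphrase, keyfile, iterations)
    wrapped = _wrap(MASTER_KEY, ukey)
    mac = hmac.new(ukey, wrapped, hashlib.sha256).digest()
    return Metadata(iterations if store_iterations else 0, wrapped, mac)


def init_keyfile_only(keyfile: bytes) -> Metadata:
    """Model of `geli init -P -K keyfile`: no passphrase, so iterations = 0."""
    return _write_key(None, keyfile, 0, True)


def setkey(passphrase, keyfile, iterations=None, buggy=False) -> Metadata:
    """Model of `geli setkey -n 0`. Without -i the count is calculated; the buggy
    attached-device path computed it but never wrote it to the metadata."""
    calculated = iterations is None and passphrase is not None
    if calculated:
        iterations = calculate_iterations()
    return _write_key(passphrase, keyfile, iterations or 0,
                      store_iterations=not (buggy and calculated))


def attach(md: Metadata, passphrase, keyfile):
    """Model of `geli attach`: returns the master key, or None for 'Wrong key'."""
    if (passphrase is not None) != (md.iterations > 0):
        return None  # metadata disagrees about whether a passphrase is needed
    ukey = derive_user_key(passphrase, keyfile, md.iterations)
    expected = hmac.new(ukey, md.wrapped_mkey, hashlib.sha256).digest()
    if not hmac.compare_digest(expected, md.mac):
        return None
    return _wrap(md.wrapped_mkey, ukey)


def recover(md: Metadata, passphrase, keyfile, lo: int, hi: int):
    """The recovery from the commit log: guess the count, store it, try to attach.
    Only someone who already holds the right passphrase gains anything here."""
    for n in range(lo, hi):
        candidate = replace(md, iterations=n)
        if attach(candidate, passphrase, keyfile) is not None:
            return candidate
    return None


if __name__ == "__main__":
    md = init_keyfile_only(KEYFILE)                   # geli init -P -K /tmp/keyfile
    print("keyfile attach works:", attach(md, None, KEYFILE) == MASTER_KEY)
    broken = setkey(PASSPHRASE, None, buggy=True)     # geli setkey -n 0 while attached
    print("iterations stored:", broken.iterations)    # 0: the bug
    print("attach with passphrase:", attach(broken, PASSPHRASE, None))
    fixed = recover(broken, PASSPHRASE, None, 1000, 1100)
    print("recovered iterations:", fixed.iterations)
    print("attach now works:", attach(fixed, PASSPHRASE, None) == MASTER_KEY)
```

Running the block reproduces the report in miniature: after the buggy `setkey` the metadata says "no passphrase", so attaching with the passphrase is refused and attaching with the old keyfile fails the MAC check; `recover` finds the count the buggy path threw away and the same passphrase then unlocks the same master key. Passing an explicit `iterations=` (the -i flag) sidesteps the bug even on the buggy path, which is exactly the condition the commit log lists.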