From owner-freebsd-geom@FreeBSD.ORG  Thu Jan 25 11:48:35 2007
Return-Path: <owner-freebsd-geom@FreeBSD.ORG>
X-Original-To: freebsd-geom@freebsd.org
Delivered-To: freebsd-geom@freebsd.org
Received: from mx1.freebsd.org (mx1.freebsd.org [69.147.83.52])
	by hub.freebsd.org (Postfix) with ESMTP id 548AD16A402
	for <freebsd-geom@freebsd.org>; Thu, 25 Jan 2007 11:48:35 +0000 (UTC)
	(envelope-from pjd@garage.freebsd.pl)
Received: from mail.garage.freebsd.pl (arm132.internetdsl.tpnet.pl
	[83.17.198.132])
	by mx1.freebsd.org (Postfix) with ESMTP id ACA7A13C441
	for <freebsd-geom@freebsd.org>; Thu, 25 Jan 2007 11:48:34 +0000 (UTC)
	(envelope-from pjd@garage.freebsd.pl)
Received: by mail.garage.freebsd.pl (Postfix, from userid 65534)
	id D8E1E487FD; Thu, 25 Jan 2007 12:48:31 +0100 (CET)
Received: from localhost (pjd.wheel.pl [10.0.1.1])
	(using TLSv1 with cipher DHE-RSA-AES256-SHA (256/256 bits))
	(No client certificate requested)
	by mail.garage.freebsd.pl (Postfix) with ESMTP id 74ADD45696;
	Thu, 25 Jan 2007 12:48:23 +0100 (CET)
Date: Thu, 25 Jan 2007 12:47:42 +0100
From: Pawel Jakub Dawidek <pjd@FreeBSD.org>
To: Thomas Nickl <T.Nickl@gmx.net>
Message-ID: <20070125114742.GA27181@garage.freebsd.pl>
References: <45B69DE3.1050407@gmx.net>
MIME-Version: 1.0
Content-Type: multipart/signed; micalg=pgp-sha1;
	protocol="application/pgp-signature"; boundary="qMm9M+Fa2AknHoGS"
Content-Disposition: inline
In-Reply-To: <45B69DE3.1050407@gmx.net>
X-PGP-Key-URL: http://people.freebsd.org/~pjd/pjd.asc
X-OS: FreeBSD 7.0-CURRENT i386
User-Agent: mutt-ng/devel-r804 (FreeBSD)
X-Spam-Checker-Version: SpamAssassin 3.0.4 (2005-06-05) on 
	mail.garage.freebsd.pl
X-Spam-Level: 
X-Spam-Status: No, score=-5.9 required=3.0 tests=ALL_TRUSTED,BAYES_00 
	autolearn=ham version=3.0.4
Cc: freebsd-geom@freebsd.org
Subject: Re: GELI: change keyfile to passphrase
X-BeenThere: freebsd-geom@freebsd.org
X-Mailman-Version: 2.1.5
Precedence: list
List-Id: GEOM-specific discussions and implementations
	<freebsd-geom.freebsd.org>
List-Unsubscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-geom>,
	<mailto:freebsd-geom-request@freebsd.org?subject=unsubscribe>
List-Archive: <http://lists.freebsd.org/pipermail/freebsd-geom>
List-Post: <mailto:freebsd-geom@freebsd.org>
List-Help: <mailto:freebsd-geom-request@freebsd.org?subject=help>
List-Subscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-geom>,
	<mailto:freebsd-geom-request@freebsd.org?subject=subscribe>
X-List-Received-Date: Thu, 25 Jan 2007 11:48:35 -0000


--qMm9M+Fa2AknHoGS
Content-Type: text/plain; charset=iso-8859-2
Content-Disposition: inline
Content-Transfer-Encoding: quoted-printable

On Wed, Jan 24, 2007 at 12:44:35AM +0100, Thomas Nickl wrote:
> Hi,
>=20
> I know a way to destroy your geli partition without knowing ;) :
>=20
> dd if=3D/dev/random of=3D/tmp/keyfile count=3D1 bs=3D128
> geli init -s 4096 -b -P -K /tmp/keyfile /dev/md9
> geli attach -p -k /tmp/keyfile /dev/md9
> geli setkey -n 0 /dev/md9
> > <new password entered twice>
> geli detach /dev/md9
> geli attach /dev/md9
> > Missing -p flag.
> geli attach -p /dev/md9
> > No key components given.
> geli attach -p -k /tmp/keyfile /dev/md9
> > Wrong key for md9.
>=20
> Replacing the setkey line with
> geli setkey -n 0 -p -k /tmp/keyfile /dev/md9
> doesen't help.
>=20
> HOWEVER,
> geli detach /dev/md9
> and then
> geli setkey -n 0 -p -k /tmp/keyfile /dev/md9
> works as designed ("geli attach /dev/md9" now asks for a passphrase)
>=20
> So I can recommend: never set a key with an attached media.
>=20
> I have "FreeBSD washu 6.1-RELEASE FreeBSD 6.1-RELEASE #0: Sun May  7 04:4=
2:56 UTC 2006   root@opus.cse.buffalo.edu:/usr/obj/usr/src/sys/SMP  i386".

This was a bug, which is fixed in the following revisions:

src/sbin/geom/class/eli/geom_eli.c 1.19
src/sbin/geom/misc/subr.c 1.7
src/sbin/geom/misc/subr.h 1.8

The explanation from the commit log:

When the following conditions are meet:
- First configured key is based only on keyfile (no passphrase).
- Device is attached.
- User changes first key (setkey) from keyfile to passphrase and doesn't
  specify number of iterations (with -i option).
=2E..geli(8) won't store calculated number of iterations in metadata.
This result in device beeing unaccesable after detach.

One can recover from this situation by guessing number of iterations
generated, storing it in metadata and trying to attach device.
Recovery procedure isn't nice, but one's data is not lost.

PS. Just to clarify. This bug doesn't affect geli(8) security in any way.
    It affects only data availability and it is possible to recover data.

Thank you for your report!

--=20
Pawel Jakub Dawidek                       http://www.wheel.pl
pjd@FreeBSD.org                           http://www.FreeBSD.org
FreeBSD committer                         Am I Evil? Yes, I Am!

--qMm9M+Fa2AknHoGS
Content-Type: application/pgp-signature
Content-Disposition: inline

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.6 (FreeBSD)

iD8DBQFFuJjdForvXbEpPzQRAufkAJ43fPQhQFReH1ntKun1nRLvq2ixRgCg91OS
pivZtDNGImHCCl/AQgBqnLA=
=rkkn
-----END PGP SIGNATURE-----

--qMm9M+Fa2AknHoGS--