Skip site navigation (1)Skip section navigation (2)
Date:      Mon, 5 Jul 2004 19:31:55 +0200 (CEST)
From:      tthorsten@yahoo.de
To:        Allan Fields <bsd@afields.ca>
Cc:        freebsd-geom@freebsd.org
Subject:   Re: Problem in attaching newly encrypted disk
Message-ID:  <Pine.NEB.4.60.0407051925140.18543@otaku.freeshell.org>
In-Reply-To: <20040705165030.GD70272@afields.ca>
References:  <Pine.NEB.4.60.0407051813340.29828@otaku.freeshell.org> <20040705165030.GD70272@afields.ca>

next in thread | previous in thread | raw e-mail | index | archive | help
> Date: Mon, 5 Jul 2004 12:50:30 -0400
> From: Allan Fields <bsd@afields.ca>
> To: tthorsten@yahoo.de
> Cc: freebsd-geom@freebsd.org
> Subject: Re: Problem in attaching newly encrypted disk
> 
> On Mon, Jul 05, 2004 at 06:26:34PM +0200, tthorsten@yahoo.de wrote:
>> Hi,
>>
>> I have a serious problem after I have done the following steps:
>>
>> Initalized new encrypted disk with
>>  gbde init /dev/ad1s1c -i -L /etc/gbde/ad1s1c
>>   -> sector_size = 2048
>>   -> one key
>>
>> Attached it to the kernel via
>>  gbde attach ad1s1c -l /etc/gbde/ad1s1c
>>
>> Created new filesystem with
>>  newfs -U /dev/ad1s1c.bde
>>
>> Mounted the filesystem with
>>  mount /dev/ad1s1c.bde /dsk
>>
>> Then I put all my private data onto the newly created encrypted disk and
>> unmounted and detached it from kernel before halting the system.
>>
>> When I started the system again and tried to attach the disk again with
>>  gbde attach ad1s1c -l /etc/gbde/ad1s1c
>> NOTHING HAPPENS! There will no /dev/ad1s1c.bde device there to mount.
>> The Passphrase is correct!
>
> Hmm.. you're volume may be corrupted now, see below..
>
>>
>> So I made a dd of the first 1MB of /dev/ad1s1c and did a strings on it.
>> See output at end of this mail.
>> There are Error MEssages like "Read Boot error", "not a directory", "not
>> ufs format"
>> etc. I do not have such error messages in the dd output from other
>> encrypted partitions
>> I use.
>>
>> What went wrong? Does anybody have an answer or is all my data lost?
>
> Simple answer: yes, and this is one of the risks with all encrypted
> file systems.  Probablly quite challenging to get it back absent
> backups.
>
>> I would be very happy, if anybody could help me with this.
>
> Is it possible you've written boot code on-top of the encrypted volume?
> Those strings look to belong to boot loader.
>
> You probably shouldn't have used the raw partition for the encrypted volume,
> next time disklabel the disk and use /dev/ad1s1a .  I don't know why you
> want boot code on the second disk anyhow.
>
> Just out of curiosity, what is the output of:
>
> 	fdisk ad1 ?
>
> 	disklabel ad1s1
>

Hmm, seems really to be boot loader code. But I did not use fdisk or disklabel
after creation of the encrypted disk.
Did not know that its better to not use the raw partition :-(

Ok, thanks and here is the output of fdisk and disklabel:


root@freebsd52:/root # fdisk ad1
******* Working on device /dev/ad1 *******
parameters extracted from in-core disklabel are:
cylinders=166440 heads=16 sectors/track=63 (1008 blks/cyl)

Figures below won't work with BIOS for partitions not in cyl 1
parameters to be used for BIOS calculations are:
cylinders=166440 heads=16 sectors/track=63 (1008 blks/cyl)

Media sector size is 512
Warning: BIOS sector numbering starts with sector 1
Information from DOS bootblock is:
The data for partition 1 is:
sysid 165 (0xa5),(FreeBSD/NetBSD/386BSD)
     start 63, size 167766732 (81917 Meg), flag 80 (active)
         beg: cyl 0/ head 1/ sector 1;
         end: cyl 1023/ head 254/ sector 63
The data for partition 2 is:
<UNUSED>
The data for partition 3 is:
<UNUSED>
The data for partition 4 is:
<UNUSED>


root@freebsd52:/root # disklabel ad1s1
# /dev/ad1s1:
8 partitions:
#        size   offset    fstype   [fsize bsize bps/cpg]
   c: 167766732        0    unused        0     0         # "raw" part, don't edit



Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?Pine.NEB.4.60.0407051925140.18543>