Date: Mon, 5 Jul 2004 19:31:55 +0200 (CEST) From: tthorsten@yahoo.de To: Allan Fields <bsd@afields.ca> Cc: freebsd-geom@freebsd.org Subject: Re: Problem in attaching newly encrypted disk Message-ID: <Pine.NEB.4.60.0407051925140.18543@otaku.freeshell.org> In-Reply-To: <20040705165030.GD70272@afields.ca> References: <Pine.NEB.4.60.0407051813340.29828@otaku.freeshell.org> <20040705165030.GD70272@afields.ca>
next in thread | previous in thread | raw e-mail | index | archive | help
> Date: Mon, 5 Jul 2004 12:50:30 -0400 > From: Allan Fields <bsd@afields.ca> > To: tthorsten@yahoo.de > Cc: freebsd-geom@freebsd.org > Subject: Re: Problem in attaching newly encrypted disk > > On Mon, Jul 05, 2004 at 06:26:34PM +0200, tthorsten@yahoo.de wrote: >> Hi, >> >> I have a serious problem after I have done the following steps: >> >> Initalized new encrypted disk with >> gbde init /dev/ad1s1c -i -L /etc/gbde/ad1s1c >> -> sector_size = 2048 >> -> one key >> >> Attached it to the kernel via >> gbde attach ad1s1c -l /etc/gbde/ad1s1c >> >> Created new filesystem with >> newfs -U /dev/ad1s1c.bde >> >> Mounted the filesystem with >> mount /dev/ad1s1c.bde /dsk >> >> Then I put all my private data onto the newly created encrypted disk and >> unmounted and detached it from kernel before halting the system. >> >> When I started the system again and tried to attach the disk again with >> gbde attach ad1s1c -l /etc/gbde/ad1s1c >> NOTHING HAPPENS! There will no /dev/ad1s1c.bde device there to mount. >> The Passphrase is correct! > > Hmm.. you're volume may be corrupted now, see below.. > >> >> So I made a dd of the first 1MB of /dev/ad1s1c and did a strings on it. >> See output at end of this mail. >> There are Error MEssages like "Read Boot error", "not a directory", "not >> ufs format" >> etc. I do not have such error messages in the dd output from other >> encrypted partitions >> I use. >> >> What went wrong? Does anybody have an answer or is all my data lost? > > Simple answer: yes, and this is one of the risks with all encrypted > file systems. Probablly quite challenging to get it back absent > backups. > >> I would be very happy, if anybody could help me with this. > > Is it possible you've written boot code on-top of the encrypted volume? > Those strings look to belong to boot loader. > > You probably shouldn't have used the raw partition for the encrypted volume, > next time disklabel the disk and use /dev/ad1s1a . I don't know why you > want boot code on the second disk anyhow. > > Just out of curiosity, what is the output of: > > fdisk ad1 ? > > disklabel ad1s1 > Hmm, seems really to be boot loader code. But I did not use fdisk or disklabel after creation of the encrypted disk. Did not know that its better to not use the raw partition :-( Ok, thanks and here is the output of fdisk and disklabel: root@freebsd52:/root # fdisk ad1 ******* Working on device /dev/ad1 ******* parameters extracted from in-core disklabel are: cylinders=166440 heads=16 sectors/track=63 (1008 blks/cyl) Figures below won't work with BIOS for partitions not in cyl 1 parameters to be used for BIOS calculations are: cylinders=166440 heads=16 sectors/track=63 (1008 blks/cyl) Media sector size is 512 Warning: BIOS sector numbering starts with sector 1 Information from DOS bootblock is: The data for partition 1 is: sysid 165 (0xa5),(FreeBSD/NetBSD/386BSD) start 63, size 167766732 (81917 Meg), flag 80 (active) beg: cyl 0/ head 1/ sector 1; end: cyl 1023/ head 254/ sector 63 The data for partition 2 is: <UNUSED> The data for partition 3 is: <UNUSED> The data for partition 4 is: <UNUSED> root@freebsd52:/root # disklabel ad1s1 # /dev/ad1s1: 8 partitions: # size offset fstype [fsize bsize bps/cpg] c: 167766732 0 unused 0 0 # "raw" part, don't edit
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?Pine.NEB.4.60.0407051925140.18543>