Date: Mon, 05 Apr 2004 09:21:19 +0200 From: "Poul-Henning Kamp" <phk@phk.freebsd.dk> To: mmarkows@twcny.rr.com Cc: freebsd-geom@freebsd.org Subject: Re: how ro recover encrypted slice Message-ID: <1788.1081149679@critter.freebsd.dk> In-Reply-To: Your message of "Sun, 04 Apr 2004 18:42:33 EDT." <c3421fc3355c.c3355cc3421f@nyroc.rr.com>
next in thread | previous in thread | raw e-mail | index | archive | help
In message <c3421fc3355c.c3355cc3421f@nyroc.rr.com>, mmarkows@twcny.rr.com writ es: >Hi, > >I mounted a GEOM-encrypted slice to /home2 and stored all my data there. Two days ago, I decided to update my FreeBSD from 5.2 to 5.2.1. I have done it several times before, so I felt self-assured. I backed up my config files, forgetting unfortunately about /etc/gbde/ad1s2. > >During the update procedure my system was messed up to the extent that it seemed reasonable to do a clean install of 5.2.1. I did it without saving /etc/gbde/ad1s2, and without touching the encrypted slice. > >Now, I am in a predicament because I cannot access my files that I need for my work tomorrow. I know that I messed up, but my last backup is 3 weeks old, and essentially it is no good any more. > >Is there any way to recover the data? I have 13 hours to do it. The data stored in the file you lost is only the encrypted location of the master key, so in theory you could do a brute force search for the master key. Unless your encrypted partition is of rather trivial size, this will take a lot of time. You will need to adapt the code from gbde(8) to do this, but that should be rather straight forward: simply try every single byte offset on the disk. -- Poul-Henning Kamp | UNIX since Zilog Zeus 3.20 phk@FreeBSD.ORG | TCP/IP since RFC 956 FreeBSD committer | BSD since 4.3-tahoe Never attribute to malice what can adequately be explained by incompetence.
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?1788.1081149679>