From owner-freebsd-geom@FreeBSD.ORG Mon Jul 5 16:50:31 2004 Return-Path: Delivered-To: freebsd-geom@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id B163D16A4CE for ; Mon, 5 Jul 2004 16:50:31 +0000 (GMT) Received: from afields.ca (afields.ca [216.194.67.132]) by mx1.FreeBSD.org (Postfix) with ESMTP id 6D54843D48 for ; Mon, 5 Jul 2004 16:50:31 +0000 (GMT) (envelope-from afields@afields.ca) Received: from afields.ca (localhost.afields.ca [127.0.0.1]) by afields.ca (8.12.11/8.12.11) with ESMTP id i65GoURP074993; Mon, 5 Jul 2004 12:50:30 -0400 (EDT) (envelope-from afields@afields.ca) Received: (from afields@localhost) by afields.ca (8.12.11/8.12.11/Submit) id i65GoU4b074992; Mon, 5 Jul 2004 12:50:30 -0400 (EDT) (envelope-from afields) Date: Mon, 5 Jul 2004 12:50:30 -0400 From: Allan Fields To: tthorsten@yahoo.de Message-ID: <20040705165030.GD70272@afields.ca> References: Mime-Version: 1.0 Content-Type: multipart/signed; micalg=pgp-sha1; protocol="application/pgp-signature"; boundary="Y7xTucakfITjPcLV" Content-Disposition: inline In-Reply-To: User-Agent: Mutt/1.4i cc: freebsd-geom@freebsd.org Subject: Re: Problem in attaching newly encrypted disk X-BeenThere: freebsd-geom@freebsd.org X-Mailman-Version: 2.1.1 Precedence: list List-Id: GEOM-specific discussions and implementations List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Mon, 05 Jul 2004 16:50:31 -0000 --Y7xTucakfITjPcLV Content-Type: text/plain; charset=us-ascii Content-Disposition: inline Content-Transfer-Encoding: quoted-printable On Mon, Jul 05, 2004 at 06:26:34PM +0200, tthorsten@yahoo.de wrote: > Hi, >=20 > I have a serious problem after I have done the following steps: >=20 > Initalized new encrypted disk with > gbde init /dev/ad1s1c -i -L /etc/gbde/ad1s1c > -> sector_size =3D 2048 > -> one key >=20 > Attached it to the kernel via > gbde attach ad1s1c -l /etc/gbde/ad1s1c >=20 > Created new filesystem with > newfs -U /dev/ad1s1c.bde >=20 > Mounted the filesystem with > mount /dev/ad1s1c.bde /dsk >=20 > Then I put all my private data onto the newly created encrypted disk and > unmounted and detached it from kernel before halting the system. >=20 > When I started the system again and tried to attach the disk again with > gbde attach ad1s1c -l /etc/gbde/ad1s1c > NOTHING HAPPENS! There will no /dev/ad1s1c.bde device there to mount. > The Passphrase is correct! Hmm.. you're volume may be corrupted now, see below.. >=20 > So I made a dd of the first 1MB of /dev/ad1s1c and did a strings on it. > See output at end of this mail. > There are Error MEssages like "Read Boot error", "not a directory", "not= =20 > ufs format" > etc. I do not have such error messages in the dd output from other=20 > encrypted partitions > I use. >=20 > What went wrong? Does anybody have an answer or is all my data lost? Simple answer: yes, and this is one of the risks with all encrypted file systems. Probablly quite challenging to get it back absent backups. > I would be very happy, if anybody could help me with this. Is it possible you've written boot code on-top of the encrypted volume? Those strings look to belong to boot loader. You probably shouldn't have used the raw partition for the encrypted volume, next time disklabel the disk and use /dev/ad1s1a . I don't know why you want boot code on the second disk anyhow. Just out of curiosity, what is the output of: fdisk ad1 ? disklabel ad1s1 > Regards, > Thorsten >=20 >=20 > Here the strings output of the first 1MB of /dev/ad1s1c: > Read > Boot > error > ad1s1 [..] > Hss:esp > BTX halted > UWVS > Ph;4 > Wh?4 > [^_] [..] > DhaCgmnPprsv > %s: not a directory. > Not ufs > format > Invalid %s > /boot.config > %s: %s > /boot/loader > FreeBSD/i386 boot > Default: %u:%s(%u,%c)%s > boot: > No %s > Keyboard: %s > slice > label > partition > error %u lba %u > /|\- --=20 Allan Fields, AFRSL - http://afields.ca 2D4F 6806 D307 0889 6125 C31D F745 0D72 39B4 5541 --Y7xTucakfITjPcLV Content-Type: application/pgp-signature Content-Disposition: inline -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.2.1 (FreeBSD) iD8DBQFA6YbV90UNcjm0VUERAs/aAKCfmLohkUW9REmJUeMWwGs/MP/8RACdFTIC 7p4o1PdNL6kTFwy41QQ2NSg= =PUCs -----END PGP SIGNATURE----- --Y7xTucakfITjPcLV--