Date: Sun, 3 Dec 2006 20:22:03 +0000 From: "Alex Bramley" <a.bramley@gmail.com> To: "Pawel Jakub Dawidek" <pjd@freebsd.org> Cc: freebsd-geom@freebsd.org Subject: Re: Resurrecting a GELI volume Message-ID: <8cffb8c80612031222h180cde0ch790707802ada44a1@mail.gmail.com> In-Reply-To: <20061203195004.GA3183@garage.freebsd.pl> References: <8cffb8c80612031132s2cdd69d6ia812e3f4e017f69e@mail.gmail.com> <20061203195004.GA3183@garage.freebsd.pl>
next in thread | previous in thread | raw e-mail | index | archive | help
On 12/3/06, Pawel Jakub Dawidek <pjd@freebsd.org> wrote: > On Sun, Dec 03, 2006 at 07:32:29PM +0000, Alex Bramley wrote: > > Hi, > > > > First, please CC me in any replies to the list, as I am (temporarily) > > off list due to moving jobs. > > > > I accidentally overwrote the metadata of a GELI volume by using geli > > init on the wrong device node (never try to do sysadmin tasks when > > hungover). I have the correct key and passphrase, and I would like to > > know whether it is possible to regain access to my lost data. I have > > already tried running init again on the volume with the correct key > > and passphrase, but (somewhat unsurprisingly) to no avail. Any > > assistance would be much appreciated. > > Passphrase is only used to encrypt the master key, which is stored in > metadata. That means you overwrote the master key and I'm afraid your > data is lost if you haven't backed the master key up before (with 'geli > backup'). I don't suppose you could put some kind of check in to make this kind of slip more difficult to achieve in future? I can't see many times where you'd want to re-init an already encrypted volume. Hopefully it won't be too difficult to taste the volume for already existing metadata and ask for confirmation if it exists... Many Thanks, Alex
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?8cffb8c80612031222h180cde0ch790707802ada44a1>