[systemd-devel] LUKS - lost token?
lejeczek
peljasz at yahoo.co.uk
Sat Oct 28 09:11:02 UTC 2023
Hi guys.
I know this is most likely not best suited question for this
list, but I'm hoping some experts might be able to help.
I have a LUKS device which had keyslot with pass-phrase
removed and token for TPM keyslot removed too - I think this
is the case, for none of my passphrase works and device is
as below:
I hope there is a way to save & bring it back to live -
device is open right now and I've access to filesystem,
obviously goal would be to avoid re-format/crypt.
Would it be needed to create a new token for that TPM
keyslot - if it's tpm - with _systemd-cryptenroll_ or any
other way?
-> $ cryptsetup luksDump /dev/nvme0n1p3
LUKS header information
Version: 2
Epoch: 83
Metadata area: 16384 [bytes]
Keyslots area: 16744448 [bytes]
UUID: 3a879268-84fd-4b48-a5d4-960cccb0caa9
Label: (no label)
Subsystem: (no subsystem)
Flags: (no flags)
Data segments:
0: crypt
offset: 16777216 [bytes]
length: (whole device)
cipher: aes-xts-plain64
sector: 512 [bytes]
Keyslots:
1: luks2
Key: 512 bits
Priority: normal
Cipher: aes-xts-plain64
Cipher key: 512 bits
PBKDF: pbkdf2
Hash: sha512
Iterations: 1000
Salt: a4 5b 6b cc a8 f1 6b e8 b7 3b e2 3d ca 8d
43 fb
10 52 62 b9 99 45 70 16 bd e1 0f 7a 6c 7f
3d 11
AF stripes: 4000
AF hash: sha512
Area offset:290816 [bytes]
Area length:258048 [bytes]
Digest ID: 0
Tokens:
Digests:
0: pbkdf2
Hash: sha256
Iterations: 183317
Salt: ef 56 aa 59 c2 64 66 c7 49 57 31 4b a7 7d
00 3c
fe 00 89 2e b9 e9 da bc 69 1d 19 59 96 a9
27 aa
Digest: 79 aa 0c 8a 29 64 9c 83 bb 5a f8 5c b5 c6
b0 9c
5e 54 80 49 bd 21 f6 b4 5b 49 65 39 bd 6f
5f 20
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.freedesktop.org/archives/systemd-devel/attachments/20231028/fa37c980/attachment.htm>
More information about the systemd-devel
mailing list