LUKS - lost token?

Sat, 28 Oct 2023 06:50:11 -0700 

Hi guys.
I know this is most likely not best suited question for this list, but I'm hoping some experts might be able to help. 


I have a LUKS device which had keyslot with pass-phrase 
removed and token for TPM keyslot removed too - I think this 
is the case, for none of my passphrase works and device is 
as below:



I hope there is a way to save & bring it back to live - 
device is open right now and I've access to filesystem, 
obviously goal would be to avoid re-format/crypt.



Is it possible to restore/recreate that lost token and/or 
add new Keyslot somehow? I have no header backup for this 
device.


-> $ cryptsetup luksDump /dev/nvme0n1p3
LUKS header information
Version:           2
Epoch:             83
Metadata area:     16384 [bytes]
Keyslots area:     16744448 [bytes]
UUID:              3a879268-84fd-4b48-a5d4-960cccb0caa9
Label:             (no label)
Subsystem:         (no subsystem)
Flags:           (no flags)

Data segments:
  0: crypt
    offset: 16777216 [bytes]
    length: (whole device)
    cipher: aes-xts-plain64
    sector: 512 [bytes]

Keyslots:
  1: luks2
    Key:        512 bits
    Priority:   normal
    Cipher:     aes-xts-plain64
    Cipher key: 512 bits
    PBKDF:      pbkdf2
    Hash:       sha512
    Iterations: 1000

    Salt:       a4 5b 6b cc a8 f1 6b e8 b7 3b e2 3d ca 8d 
43 fb
                10 52 62 b9 99 45 70 16 bd e1 0f 7a 6c 7f 
3d 11

    AF stripes: 4000
    AF hash:    sha512
    Area offset:290816 [bytes]
    Area length:258048 [bytes]
    Digest ID:  0
Tokens:
Digests:
  0: pbkdf2
    Hash:       sha256
    Iterations: 183317

    Salt:       ef 56 aa 59 c2 64 66 c7 49 57 31 4b a7 7d 
00 3c
                fe 00 89 2e b9 e9 da bc 69 1d 19 59 96 a9 
27 aa
    Digest:     79 aa 0c 8a 29 64 9c 83 bb 5a f8 5c b5 c6 
b0 9c
                5e 54 80 49 bd 21 f6 b4 5b 49 65 39 bd 6f 
5f 20

_______________________________________________
users mailing list -- users@lists.fedoraproject.org
To unsubscribe send an email to users-le...@lists.fedoraproject.org
Fedora Code of Conduct: 
https://docs.fedoraproject.org/en-US/project/code-of-conduct/
List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines
List Archives: 
https://lists.fedoraproject.org/archives/list/users@lists.fedoraproject.org
Do not reply to spam, report it: 
https://pagure.io/fedora-infrastructure/new_issue






















					Reply via email to