From: "Martin Jørgensen" <mjoerg@gmail.com>
To: dm-crypt@saout.de
Subject: [dm-crypt] cryptsetup versions: cryptsetup 2.3.4 vs. cryptsetup 2.1.0 - thought I had data corruption!?!
Date: Wed, 25 Nov 2020 18:30:27 +0100 [thread overview]
Message-ID: <CAJN12jkuOZfK2ag53+tD_K0S=CZ2LiE4Qx28cg6q3shGSKMiGg@mail.gmail.com> (raw)
[-- Attachment #1: Type: text/plain, Size: 3383 bytes --]
Hi all,
I've been cryptsetup and LUKS-encryption a lot in the past 5 years and the
only time I've really lost data is because I locked myself out of my linux
boot-partition during a kernel upgrade/initramfs-generation (still not sure
what happened, but I've learned now that I should ALWAYS have a backup
password instead of relying on a key which I lost). But the last 3-4 days
scared the shit out of me, as I took a complete backup of maybe 15 years of
data (5-6 TB), verified with md5sum that the copy also was ok - but in
order to have space for that (~5-6 TB) I deleted my previous unencrypted
backup, otherwise I had to buy a new disk and I trusted things were ok...
When I saw the md5sum on the backup disk was ok, I felt "safe" and wanted
to unlock my partition (just after deleting the unencrypted data, to have
space). I used cryptsetup on a Debian (proxmox)-installation where the
encrypted data was also stored and it worked before doing the backup. But
after making the backup I got something like:
*"mount: wrong fs type, bad option, bad superblock on /dev/mapper/....,
missing codepage or helper program, or other error*
At first I thought it was simple: I googled and found out I should use
e2fsck with an option to use another superblock. I read I should try the
first, reboot, then the next, reboot, etc - until I've went through them
all or until it works.... It didn't work - I was shocked, I thought I had
made the mistake of my life and lost all my data...
Nothing on google pointed me to the solution - I was screwed - I thought. I
think the problem happened because I was primarily using Debian / proxmox
(where the encrypted data is) with cryptsetup 2.1.0. But it might have
happened that just before doing the backup, I had "sshfs'ed" to my laptop
with Arch Linux, which is using cryptsetup 2.3.4. I think after opening the
LUKS-container with cryptsetup 2.3.4 (and closing it again after use, hence
probably forcing some things to be written), the encrypted data couldn't -
and cannot be opened with cryptsetup 2.1.0 anymore... At least this was/is
the solution for me: Don't use debian/proxmox with cryptsetup 2.1.0
anymore, instead use Arch Linux with version 2.3.4... I'm still terrified -
but tried to investigate the difference with luksDump (encrypted file). It
says LUKS is version 2, epoch 3, pbkdf2 is used, aes-xts-plain64 cipher
with 512 bits key - and everything is completely the same using both
luksDump-versions...
I tried to look in version history but am not into the details of the
difference in crypt-setup versions. Can anyone please tell why I got/get
this error using 2.1.0 and not with 2.3.4?
"mount: wrong fs type, bad option, bad superblock on /dev/mapper/....,
missing codepage or helper program, or other error
Questions that popup are: Is there a fix? Is it recommended to stick with
2.3.4? Should I worry in the future?
I would be grateful to understand this better, to not screw up in the
future. Furthermore, I think or hope this could/can maybe help others, as I
didn't found this solution on google or any other place. I almost gave up
all hope and was prepared to delete the LUKS-container, before I thought I
would try this "long shot" - phew, I'm just happy I have my data back.
Please elaborate or explain the version difference together with your
comments, I would be very grateful for that, thanks!
Br,
M.
[-- Attachment #2: Type: text/html, Size: 3761 bytes --]
next reply other threads:[~2020-11-25 17:30 UTC|newest]
Thread overview: 9+ messages / expand[flat|nested] mbox.gz Atom feed top
2020-11-25 17:30 Martin Jørgensen [this message]
2020-11-25 18:01 ` [dm-crypt] cryptsetup versions: cryptsetup 2.3.4 vs. cryptsetup 2.1.0 - thought I had data corruption!?! Michael Kjörling
2020-11-25 18:34 ` Milan Broz
2020-11-25 20:08 ` Martin Jørgensen
2020-11-26 9:32 ` Martin Jørgensen
2020-12-16 0:06 ` Martin Jørgensen
2020-12-16 0:06 ` Martin Jørgensen
2020-12-22 13:21 ` Milan Broz
2020-12-22 22:03 ` Arno Wagner
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to='CAJN12jkuOZfK2ag53+tD_K0S=CZ2LiE4Qx28cg6q3shGSKMiGg@mail.gmail.com' \
--to=mjoerg@gmail.com \
--cc=dm-crypt@saout.de \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for read-only IMAP folder(s) and NNTP newsgroup(s).