Rescue an encrypted LUKS LVM volume

From GanomiWiki
Jump to: navigation, search

Description[edit]

This document describe how to rescue data from encrypted LUKS LVM volume or how to generate new initrd in case you are not able to boot from LUKS volume.

Requirements[edit]

  • Debian Testing CD
  • Basic Linux knowledge

Procedure[edit]

  • Boot from CD and choose "Rescue" mod
  • Follow the wizard but do not choose root partition (you will end up just with console or you can switch to VT2 using ALT+F2)
  • Load dm-crypt modules
modprobe dm-crypt
  • Verify LVM volume name
lvscan
  • Open the encrypted LUKS volume
cryptsetup luksOpen /dev/data_vg/luksVolume luksVolume
  • Mount the encrypted volume
mkdir /target
mount /dev/mapper/luksVolume /target

Note: you can retrieve the data or you can continue to create new initrd

Create new initrd[edit]

  • You need to mount /boot partion which usually resides on non-encrypted partition
mount /dev/sda3 /target/boot
  • You also need to mount the following to be able to generate new initrd succesfully
mount proc /target/proc -t proc
mount sysfs /target/sys -t sysfs
mount --bind /dev /target/dev
  • Chroot into the /target
chroot /target /bin/bash
  • Generate new initrd
update-initramfs -u
  • reboot