Rescue an encrypted LUKS LVM volume

From GanomiWiki
Jump to: navigation, search

Description

This document describe how to rescue data from encrypted LUKS LVM volume or how to generate new initrd in case you are not able to boot from LUKS volume.

Requirements

  • Debian Testing CD
  • Basic Linux knowledge

Procedure

  • Boot from CD and choose "Rescue" mod
  • Follow the wizard but do not choose root partition (you will end up just with console or you can switch to VT2 using ALT+F2)
  • Load dm-crypt modules
modprobe dm-crypt
  • Verify LVM volume name
lvscan
  • Open the encrypted LUKS volume
cryptsetup luksOpen /dev/data_vg/luksVolume luksVolume
  • Mount the encrypted volume
mkdir /target
mount /dev/mapper/luksVolume /target

Note: you can retrieve the data or you can continue to create new initrd

Create new initrd

  • You need to mount /boot partion which usually resides on non-encrypted partition
mount /dev/sda3 /target/boot
  • You also need to mount the following to be able to generate new initrd succesfully
mount proc /target/proc -t proc
mount sysfs /target/sys -t sysfs
mount --bind /dev /target/dev
  • Chroot into the /target
chroot /target /bin/bash
  • Generate new initrd
update-initramfs -u
  • reboot