Rescue an encrypted LUKS LVM volume

Category: myblog Written by Jiri Kanicky Hits: 2894

This article describes how to rescue data from encrypted LUKS LVM volume or how to generate new initrd in case you are not able to boot from LUKS volume.

Requirements

Procedure

  1. Follow the wizard but do not choose root partition (you will end up just with console or you can switch to VT2 using ALT+F2)
  2. Boot from CD and choose "Rescue" mod
  3. Load dm-crypt modules
    modprobe dm-crypt
  4. Verify LVM volume name
    lvscan
  5. Open the encrypted LUKS volume
    cryptsetup luksOpen /dev/data_vg/luksVolume luksVolume
  6. Mount the encrypted volume
    mkdir /target
    mount /dev/mapper/luksVolume /target

Note: you can retrieve the data or you can continue to create new initrd

 

Procedure to create new initrd

  1. You need to mount /boot partion which usually resides on non-encrypted partition
    mount /dev/sda3 /target/boot
  2. You also need to mount the following to be able to generate new initrd succesfully
    mount proc /target/proc -t proc
    mount sysfs /target/sys -t sysfs
    mount --bind /dev /target/dev
  3. Chroot into the /target
    chroot /target /bin/bash
  4. Generate new initrd
    update-initramfs -u
  5. Reboot