Environment
- Red Hat Enterprise Linux 5 and later
- LUKS1
Issue
- I lost my LUKS key. How can I recover my data?
- I forgot the passphrase to my LUKS-encrypted drive. What can I do?
- How can I recover my data if I forgot my LUKS password?
Resolution
This solution only works with LUKS1 devices. It is not possible to recover the master key of LUKS2 devices because the key is stored in the kernel directly.
(A) Are any other passphrases or keyfiles available?
LUKS allows for up to 8 keys (derived from passphrases or files) per device.
Find the device name with blkid. This command will only show LUKS devices:
    blkid -t TYPE=crypto_LUKS -o device
Example:
    [root]# blkid -t TYPE=crypto_LUKS -o device
    /dev/vdb1
Inspect the LUKS header to see how many key slots are populated. Use the device name from the previous step:
    cryptsetup luksDump /dev/<NAME> | grep Key.Slot
Example:
    [root]# cryptsetup luksDump /dev/vdb1 | grep Key.Slot
    Key Slot 0: ENABLED
    Key Slot 1: DISABLED
    Key Slot 2: DISABLED
    Key Slot 3: DISABLED
    Key Slot 4: DISABLED
    Key Slot 5: DISABLED
    Key Slot 6: DISABLED
    Key Slot 7: DISABLED
If more than one key slot is enabled, perhaps someone else has a valid key. If so, that other passphrase or keyfile can be used to add a new key. See: How to add a passphrase, key, or keyfile to an existing LUKS device.
If not, go to (B).
(B) Is the device still open?
If the system is still up and the device is currently opened (unlocked), root can use the master key to add a new key.
(RHEL 5 caveat: root can extract the master key to a file; however, cryptsetup in RHEL 5 doesn't support reading the master key to add a new key. Instead, the disk itself will need to be closed and moved to a RHEL 6 or RHEL 7 machine [along with the master key file].)
Check for open crypt devices. This command will only show open maps to LUKS-encrypted devices:
    dmsetup ls --target crypt
Example:
    [root]# dmsetup ls --target crypt
    vdc-decrypted (253, 2)
    luks-ec013cf7-ad72-4dcf-8a1e-0548016a3e2c (253, 1)
The first column is the map name (<MAP>) without the /dev/mapper/ prefix.
If no output is seen, go to (C).
Find the desired open map in the above output and make note of its name (<MAP>):
- If the system has only ever had one LUKS device, go to the next step.
- If there are [or should be] multiple LUKS devices on the system, use lsblk, findmnt, df, mount, or /etc/fstab to determine the right device.
Examples:
    [root]# mount | grep vdc
    /dev/mapper/vdc-decrypted on /opt type xfs (rw,relatime,seclabel,attr2,inode64,noquota)
    [root]# lsblk | grep -B1 luks-ec013cf7-ad72-4dcf-8a1e-0548016a3e2c
    └─vdb1 252:17 0 1023M 0 part
      └─luks-ec013cf7-ad72-4dcf-8a1e-0548016a3e2c 253:1 0 1021M 0 crypt /cryptstor
    [root]# lsblk /dev/vdc
    NAME MAJ:MIN RM SIZE RO TYPE MOUNTPOINT
    vdc 252:32 0 2G 0 disk
    └─vdc-decrypted 253:2 0 2G 0 crypt /opt
    [root]# findmnt /dev/mapper/luks-ec013cf7-ad72-4dcf-8a1e-0548016a3e2c
    TARGET SOURCE FSTYPE OPTIONS
    /cryptstor /dev/mapper/luks-ec013cf7-ad72-4dcf-8a1e-0548016a3e2c ext4 rw,relatime,seclabel,data=ordered
Extract the LUKS master key and use it to add a new key. Be careful with the master key -- it allows full access to the device:
    dmsetup table <MAP> --showkeys
The master key is the hex string in the 5th column; however, to use it with
    cryptsetup luksAddKey <DEVICE> --master-key-file
it must be converted to binary.
RHEL 6 and RHEL 7:
The master key can be extracted, converted to binary, and piped directly to luksAddKey with the following command:
    cryptsetup luksAddKey <DEVICE> --master-key-file <(dmsetup table --showkey /dev/mapper/<MAP> | awk '{print$5}' | xxd -r -p)
Example:
    [root]# lsblk | grep -B1 luks-ec013cf7-ad72-4dcf-8a1e-0548016a3e2c
    └─vdb1 252:17 0 1023M 0 part
      └─luks-ec013cf7-ad72-4dcf-8a1e-0548016a3e2c 253:1 0 1021M 0 crypt /cryptstor
    [root]# cryptsetup luksAddKey /dev/vdb1 --master-key-file <(dmsetup table --showkey /dev/mapper/luks-ec013cf7-ad72-4dcf-8a1e-0548016a3e2c | awk '{print$5}' | xxd -r -p)
    Enter new passphrase for key slot:
    Verify passphrase:
    [root]# cryptsetup luksDump /dev/vdb1 | grep ENABLED
    Key Slot 0: ENABLED
    Key Slot 1: ENABLED
RHEL 5:
Save the key to a gpg-encrypted file for transfer to a RHEL 6 or RHEL 7 system where the final steps can be done.
Example:
    [root@rhel5]# dmsetup table --showkey vdb-open | awk '{print $5}'
    3c8e2d74f66d684547fdb0421cb3ced6
    [root@rhel5]# dmsetup table --showkey vdb-open | awk '{print $5}' | gpg -aco masterkey.gpg --force-mdc --cipher-algo aes256
    Enter passphrase:
    Repeat passphrase:
    [root@rhel5]# cat masterkey.gpg
    -----BEGIN PGP MESSAGE-----
    Version: GnuPG v1.4.5 (GNU/Linux)

    jA0ECQMClT4LaE+j9PNg0lYBM0QAV1jOEPVIZuEhOnB2iStT+51BTzMxlg99uu9LFmynvHQZ71M/0JXoEpBmEvJUXS0NB1deTCFfNb7BDGuYQZDKSCunQo/F0o2m1l5xZLq83BcDdg==
    =p7Zd
    -----END PGP MESSAGE-----
Transfer masterkey.gpg to the RHEL 6/7 system. Make sure masterkey.gpg can be decrypted on the other system.
    [root@rhel6]# gpg -d masterkey.gpg
    gpg: AES256 encrypted data
    gpg: encrypted with 1 passphrase
    3c8e2d74f66d684547fdb0421cb3ced6
Once certain the master key is intact on the other system, close the LUKS device on the RHEL 5 system and move/migrate the disk to the new system.
    [root@rhel5]# cryptsetup luksClose vdb-open
After that, add a new key using the decrypted master key.
    [root@rhel6]# blkid -t TYPE=crypto_LUKS -o device
    /dev/vdb
    [root@rhel6]# cryptsetup luksAddKey /dev/vdb --master-key-file <(gpg -d masterkey.gpg | xxd -r -p)
    gpg: AES256 encrypted data
    gpg: encrypted with 1 passphrase
    Enter new passphrase for key slot:
    Verify passphrase:
    [root@rhel6]# cryptsetup luksDump /dev/vdb | grep ENABLED
    Key Slot 0: ENABLED
    Key Slot 1: ENABLED
After adding the new key, close the device and move it back to the RHEL 5 system, if desired.
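The checks in steps (A) and (B), as an added bash example that is not part of the Red Hat article: the parsing helpers read command output from stdin so they can be tried offline against the constructed sample text at the bottom, and only luks_add_key_from_map runs the real dmsetup and cryptsetup (the RHEL 6/7 form). All function names and the sample key are assumptions, not anything from the article.

```shell
#!/usr/bin/env bash
# Added example, not the article's own code: shell helpers for steps (A) and (B).
# The parsers read command output from stdin so they can be exercised offline
# with the constructed sample text below; only the last function runs real tools.
set -euo pipefail

# Step (A): count populated key slots in `cryptsetup luksDump <DEVICE>` output.
enabled_slots() {
    grep -c '^Key Slot [0-7]: *ENABLED' || true
}

# Step (B): take the 5th field (the hex master key) from a
# `dmsetup table --showkeys /dev/mapper/<MAP>` line. Refuses anything that
# is not a crypt target or not an even-length hex string of at least 128 bits.
master_key_hex() {
    local key
    key=$(awk '$3 == "crypt" { print $5; exit }')
    [[ $key =~ ^([0-9a-f]{2}){16,}$ ]] || return 1
    printf '%s\n' "$key"
}

# Step (B): the 7th field is the MAJ:MIN of the backing block device; resolve
# it through sysfs so luksAddKey is run against the right LUKS device.
backing_device() {
    local majmin
    majmin=$(awk '$3 == "crypt" { print $7; exit }')
    basename "$(readlink -f "/sys/dev/block/$majmin")"
}

# Step (B) on RHEL 6/7: add a passphrase to the LUKS1 device behind open map
# MAP using its master key; cryptsetup prompts for the new passphrase.
# The key only ever travels through a pipe, never to a file on disk.
luks_add_key_from_map() {
    local map=$1 table device
    table=$(dmsetup table --showkeys "/dev/mapper/$map")
    device=/dev/$(printf '%s\n' "$table" | backing_device)
    cryptsetup luksAddKey "$device" --master-key-file \
        <(printf '%s\n' "$table" | master_key_hex | xxd -r -p)
}

# Constructed sample output for offline testing (the key is a placeholder).
SAMPLE_DUMP=$'Key Slot 0: ENABLED\nKey Slot 1: DISABLED\nKey Slot 2: ENABLED'
SAMPLE_KEY=$(printf 'a1%.0s' $(seq 32))           # 64 hex chars = 256-bit key
SAMPLE_TABLE="0 2093056 crypt aes-xts-plain64 $SAMPLE_KEY 0 252:17 4096"
```

Run as root with `luks_add_key_from_map <MAP>` after sourcing the file; the parsers can be checked beforehand with `printf '%s\n' "$SAMPLE_TABLE" | master_key_hex`.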
(C) None of that helped!
The whole point of encryption is to protect data. If there are no known keys and the device is not unlocked, the data is as good as gone.
Barring future discoveries of cryptographic weaknesses in the current LUKS/dm-crypt implementation and barring availability of advanced quantum computers, the only option likely within the realm of possibility is a brute-force dictionary attack, i.e., password-guessing.
The feasibility of a dictionary attack depends entirely on the mind that created the key(s), since LUKS allows enormous (512 characters in RHEL 7) plaintext passphrases, not to mention insanely large (8 MiB in RHEL 7) keyfiles [which can contain newlines or even arbitrary binary data].
- Product(s)
- Red Hat Enterprise Linux
- Category
- Troubleshoot
- Tags
- security
- storage
This solution is part of Red Hat’s fast-track publication program, providing a huge library of solutions that Red Hat engineers have created while supporting our customers. To give you the knowledge you need the instant it becomes available, these articles may be presented in a raw and unedited form.