Debian :: Reverting RAID 1 - Mount Partition As Standalone Encrypted Disk
Feb 11, 2011
I have 2 identical disks originally configured as a pair for a server. Each of the disks has 2 partitions dev/sdb1,dev/sdb2. The sdb1 partitions I had configured as a raid1 mirror. The sdb2 partitions were non-raid and used as extra misc. Space. Further, the raid setup is also encrypted using dm-crypt luks. Now I want to redeploy each of the disks for new purposes. One of the disks i want to deploy exactly as before (keeping the partitions and content), however without being part of a raid array.
I've successfully deployed this disk into a new system and I am mounting the dev/sdb1 partition as dev/md0 because the disk is set to autodetect raid. Actually I am using cryptsetup and mounting with mapper. Can I get rid of the setting for auto detect on this partition without losing the data, or breaking the encryption? I just want to mount the partition as a standalone encrypted disk. Is it as simple as doing crypt setup luksOpen /dev/sdb1 then mounting it with mapper? Or do I need to change the partition in some way. Or do I simply continue to operate it as a 'broken' raid array?
I need to copy data from a single HD, which used to be part of a Linux RAID 1. I've googled around, but can't find any clue how to mount partitions from this single HD.
Background: The HD comes from a linux based NAS box Synology DS207+. The NAS uses ext3 as filesystem. Both NAS disks are fine, but the other NAS hardware is dead and not worth repairing or replacing.
sda is what I currently run to write this text, sdb is my former harddrive, connected via USB.
I want to access the root partition on sdb.
The problem is:
Code: Select allcryptsetup luksOpen /dev/sdb5 oldhd Enter passphrase for /dev/sdb5: root@x200s:/home/b# ls /dev/mapper/ control oldhd sda5_crypt x200s--vg-root x200s--vg-swap_1 root@x200s:/home/b# mount /dev/mapper/oldhd /mnt/ [b]mount: unknown filesystem type 'LVM2_member'[/b]
[Code] ..
Before all this, both sda and sdb where in the same volume group. I renamed the volume group of sdb to "oldDisk" using
Code: Select allvgrename <UUID> oldDisk
How I can access the data on the root filesystem of my sdb..
concerning Linux, mdadm, and creating RAID Array's in Debian. I've done a lot of reading and research on RAID both on this board and elsewhere (The Linux Documentation Project's Software-RAID HOWTO is especially good), but I've run across something that no one seems to explain, and I'm not sure why. I'm instructed to create partitions on the drives I wish to add to my array. These partitions inevitably take up the whole disk, and are always have their system IDs set to "Linux raid autodetect". What I don't understand is why, after creating these partitions, some guides then go on to create an array (say a RAID5 one) with just the disks themselves as members, while others go on to create the RAID5 array with the previously created partitions as members. E.g.,
I was running Ubuntu 9.04 Desktop on a headless Pentium 4 machine which is our file, mail, web & fax server. The two x 250GB SATA hard disks were in a RAID 1 array with full disk encryption. Ran the 9.10 upgrade via WEBMIN and it failed. I should have known then to copy over everything to a backup disk, but instead I rebooted.
On restart the machine accepted my encryption passphrase but promptly hung with a mountall symbol lookup error - code 127. So I can't start the machine to get at the disks, and using a Live CD is useless as it has no way to open the RAID array to get at the encrypted partitions. Although we have data backed up (as at last night) I'd hoped not to have to rebuild the entire server from scratch. But its looking bad.I have taken one drive out and plugged it into another machine (Hercules), and the partitions show up as /dev/sdb1 /dev/sdb2 /dev/sdb3.
If it weren't for RAID, I could open /dev/sdb2 the main partition) in Disk Utility and enter my encryption passphrase to get access. But RAID adds a layer of obstruction that I have not yet overcome. I used mdadm to scan the above partitions and created the /etc/mdadm.conf file, which I edited to show the 2nd drive as missing (rather than risk corrupting both drives). I activated the RAID array with mdadm, and cat shows:
I've been searching the web for hours but have yet to find someone with a solution to this situation. If anyone has a thought on how to access this disk I'd be pleased to hear from you. In the meantime I will start building a new (9.10) machine from scratch, without RAID, 'cos that's probably going to be necessary.
I used Ubuntu for years now, but since the latest decisions got public I deceided to try something new: Fedora. I installed the system as a dualboot,Ubuntu and my old data. Because Fedora got installed inbetween of two partitions,ad to do the partitioning manually. I just made one partition /dev/sda4. During the installation process I got asked about the password for my /dev/sda1 partition. Of course, I entered it. So far so good.Now, everytime when I boot, the boot process stops and asks me for the password of the /dev/sda1 partition. However, the boot process does not go on, unless i press STRG+C.After the log in, I can also not access my data, by entering the password (GUI).The only way I can acces the data on that partition is:
Code: su - cryptsetup luksOpen /dev/DEVICENAME luks-fedora
I encrypted my /home partition in my last installation F13. For some reason, I have to reinstall F13. After I login, I can not access /home. I followed some instructions like
Times like this Ubuntu makes me want to pull my hair out. When I enter my pass on the login screen, it brings up a "Could not update ICEauthority file" error and then goes to a black screen. I've tried to fix this problem for the past 2-3 hours (searching google, these forums, etc) and at this point, I just want the data off my drive so I can restart with a fresh install of Ubuntu. I used the "gsku nautilus" command to mount the disk from a Ubuntu Drive boot, but it's not letting me have access to the encrypted drive. Does anyone know of a work around for this?
I currently have a simple bash script set up via cron to backup my data (rsync) to an internal hard drive at regular intervals. I leave this "backup" hard drive unmounted, and it is mounted and unmounted as needed with the bash script. If I were to encrypt this "backup" drive (via Luks, or some other means), is there a way to get my backup script to work without me having to be there to enter a password?
I'm having a problem auto-mounting a new luks partition. I have crypttab and fstab entries. I already have my primary encrypted partition (root) mounting at boot (from the install), but after creating this one manually, it does not open on boot. It auto-mounts when I run the following command manually after boot: sudo luksOpen /dev/disk/by-uuid/<uuid> mycrypt
I'm trying to configure pam_mount to automatically mount an encrypted partition (luks) and formatted to NTFS. I typed the command in the configuration file:
After an install of suse 11.4, one of my drives raid 0 (ichr9 intel) does not mount and is not recognized as being formatted in NTSF, while the other unit raid 0 (ichr9) is recognized without problems?
I wanted to implement raid5 such that one partition is from my laptop's hard disk and others from other hard disks. After making one partition a raid partition, I rebooted the system. The computer stopped mid-way during booting, and brought me to the shell. On typing fsck -p, it told me an unexpected error occured in the partition which I had made for raid. Is there some condition that we cannot boot from a disk containing one of the raid partitions ?
I tried to access files from my old hard drive that used to be in a Mac (which unfortunately isn't working anymore). I connected it to my computer which I am running debian gnome on. So my question is how do i access a mac os extended disk image. The disk is encrypted and when i try to open it it says that i don't have permission. I think its encrypted in AES 128 bit.
Is it better to install LUKS to raw disk (/dev/sdb) or disk partition (/dev/sdb1)? What are best LUKS options?
"cryptsetup benchmark" output Code: Select allPBKDF2-sha1 1310720 iterations per second PBKDF2-sha256 862315 iterations per second PBKDF2-sha512 590414 iterations per second
[Code] ....
Is slow hash better or how to choose it? It is clear that aes-xts is best choise. Is 265 bit key good?
The luksOpen command asks me for my passphrase, but always rejects it. I have retried this several times and written down the passphrase - and even tried with a very simple one just to check. And I never can make it work.
I installed an old version on accident, I used an encrypted LVM. When I removed the old debian and started the installation of the new version, the encrypted partition could not be used to install, and the drive itself was creating an error message when I tried to mount the installation there. This is probably a vague explanation of what is happening, but does anyone know how to remove these encrypted LVM partitions?
I'm trying to install Debian on a USB to create an encrypted partition, I get an error message saying I need to install missing firmware rtl_nic rtl8168d-2.fw.So I download that file and try again this time I get an error " There was a problem reading data from CD Rom" .I not using a CD Rom I put debian on the USB as an ISO file first using Unebutin then tried Rufus.
I have Debian and Virtual Box with another Debian. I have resized max size of vdi file with VBoxManage modifyhd but now I need to resize partition on virtual machine's system. I've downloaded GParted and I can run machine from this ISO as CD. Partition is encrypted on machine.Unfortunately GParted doesn't start with X so I have to use it in terminal. I can see partitions:
So I though maybe I need to use this (URL...). I couldn't find similar tutorial about Debian or GParted but OK, it's just executing these commands, not modifying its source.list.But I cannot even do the update:
Code: Select allroot@debian:/# sudo apt-get update Err: http://free.nchc.org.tw/debian sid InRelease Temporary failure resolving 'free.nchc.org.tw' Err2: http://free.nchc.org.tw/drbl-core drbl InRelease Temporary failure resolving 'free.nchc.org.tw' Reading package lists... Done W: Failed to fetch http://free.nchc.org.tw/debian/dists/sid/InRelease Teporary failure resolving 'free.nchc.org.tw' W: Failed to fetch http://free.nchc.org.tw/drbl-core/dists/drbl/InRelease Temporary failure resolving 'free.nchc.org.tw' W: Some index files failed to download. They have been ignored, or old ones used instead.
So I check my internet connection. VirtualBox has 'attached to NAT' and before I run out of space on virtual machine, Debian could access internet. So it's only something about this GParted. I have modified /etc/resolv.conf with vi (even vim is not available). And it has two valid nameservers. I haven't restarted anything, as I'm not sure if I need to, after modifying resolv.conf file.But even in that case I cannot ping anything from GParted:
This is my specific solution to my specific problem. After updating to Squeeze from my prior Lenny distro (amd64 with whole disk encrytion using LVM2, dm-crypt, LUKS) everything went well - at first. I was duped like so many, thinking that all was well and I could remove the legacy-grub (aka: Grub1) and just use grub-pc (aka: Grub2). As soon as I removed the legacy-grub and rebooted my laptop, I was confronted with:
GRUB Loading stage1.5 GRUB loading, please wait..Error 15 At this point I wasn't sure if it was a Grub problem or a deeper encryption problem - especially after reading that some people had missing packages in Squeeze (lvm2, dm-setup, initramfs-tools, etc.)
Okay, the solution for me.
1. download and burn to disk: debian-live-6.0.0-amd64-rescue.iso[URL]..
2. scroll to and press enter/return on: text rescue
3. choose a root directory - for example: /dev/blah/root (I wrote down the list of possible /dev/.... for reference - this helped me remember where and what I had partitioned in Lenny)
4. choose: Execute a shell in /dev/blah/root
5. once in the shell, I discovered I needed to mount a few of those partitions that I had written down in order to get access to grub-probe, update-grub, grub-install, etc. You may not have to if your partitions are minimal. I you need to use other partitions, type (for example):
I would like to mount a partition on a second disk as /home. I have two hdds. one is 250gigs that I wish to use for the / of two or more os'. The other is 1TB that I would like to use as /home/charlie and /home/prisca as well as some other partitions. Here is my current /etc/fstab
# <file system> <mount point> <type> <options> <dump> <pass> proc /proc proc defaults 0 0 # / was on /dev/sda6 during installation
On my embedded linux box, running on Linux Kernel 2.6.9 embedded with BusyBox utilities.
An Objective are follow: 1/ To figure out how many partitions are on the hard disk 2/ Create a extra partition about 10GB size on the hard disk 3/ Format the partition and mount var on that partition
Only utility to perform above operations I have "sfdisk" utility from BusyBox collection. Which get installed at the time of image flash in to ROM (8mb ROM size). The following is the root directory structure where hdd as a directory mounted /mnt/hdd1
Code: ~ > ls bin etc lib proc sbin sys var dev hdd mnt root share tmp var_init Within /bin sfdisk utility can be used which I tried but no avail.
Code: ~ > sfdisk -l /dev/hda /dev/hda: No such file or directory sfdisk: cannot open /dev/hda for reading ~ > sfdisk -l /dev/sda0 /dev/sda0: No such file or directory .....
ive recently switched to Gentoo as my primary OS - the only problem im having so far is getting my ubuntu partition to mount, aparantly it is encrypted, although i cannot remember ever doing this. It is an ext4 filesystem. When I do
[code]...
It mounts, but when I cd to /media/Ubuntu/home/dean all I see is a blank README.txt and Access-Your-Prive-Data.desktop files. Is it possible for me to mount my ubuntu partition to be read / written to in gentoo? If not, how do I go about removing the encryption? (I still have access to the ubuntu install)
I installed Ubuntu successfully using rescue mode on the alternate cd, and let Ubuntu use an internal boot and home. At the final stage grub refused to install to the MBR, and then refused to install to my /boot partition on /dev/sda2. It said: No boot loader has been installed, either because you chose not to or because your specific architecture doesn't support a boot loader yet. You will need to boot manually with the /vmlinuz kernel on partition /dev/mapper/volumegroup-natty and root=/dev/mapper/volumegroup-natty passed as a kernel argument. Returning to debian, I did a update-grub, which detects Windows and Ubuntu:
[code]...
How do I make grub decrypt the LUKS partition before attempting to load the Ubuntu kernel?
I'm using fc14, and put the /boot directory on a standalone partition. Now, there's something changed in MBR, and the grub has been overwrote, now I wants to fix the grub by another bootable usb-disk with grub, to use 'setup (hd1)' to fix it. but the situation cause the /boot has nothing and the partition contain essential files does not under the directory 'boot'. then setup failed.
--- WinXP NTFS partition --- a vfat partition (mounted onto /fat32) --- Installed F10 on ext3 virtual partition
B. I do not want install grub-loader in the Master Boot Record (that would loose my WinXP boot-loader for ever)
C. I have installed grub boot loader in the First Boot Sector
D. Now I have to boot using Rescue Mode, do:
1. dd if=/dev/sda2 of=/fat32/linux.bin bs=512 count=1 2. mount -t ntfs /dev/sda1 /ntfs 3. cp /fat32/linux.bin /ntfs 4. modify /ntfs/c/boot.ini and introduce the statement 'c:linux.bin="Linux"'
Problem: Im not able to do step D.2 above.
Symptom: ** after booting linux using the Rescue Mode: sh-3.2# chroot /mnt/sysimage sh-3.2# uname -r 2.6.27.5-117.fc10.i586 sh-3.2# mount -f ntfs /dev/sda1 /ntfs FATAL: Could not load /lib/modules/2.6.27.5-117.fc10.i586/modules.dep: No such file or directory ntfs-3g-mount: fuse device is missing, try 'modprobe fuse' as root sh-3.2#
Observations:
* The rescue mode boots into i586 based kernel (I dont know what is the actual difference between i586 and i686 - will really appreciate if anyone can educate me about it). * The installation is only a i686 image and consequently there is *only* '/lib/modules/2.6.27.5-117.fc10.i686' dir and *no* other dir. There is no dir as xxxx.fc10.i586.
I accidentally formatted a 2TB drive of mine (big oops), but have recovered 2 of the 3 partitions using testdisk. My third partition is a LUKS encrypted partition. Testdisk managed to recover a piece of it, but it won't mount as most of it is unallocated. The partition originally occupied all space from sector 2,930,272,065 to the end of the disk -- sector 3,907,024,064. That is about 473 GBs. Currently, the partition only uses space from sector 2,930,272,065 to 2,930,288,129, about 7.84 MB.
The rest of the space is unallocated. Now what I need to do, is to expand the partition so that it occupies all the space that it used to. How would I do this? I cannot resize the partition, cause it would try to recreate the filesystem AFAIK and I don't want that, as it will fry my data. My data is not terribly important, but I would rather have it then not. I attached a screenie of kpartitionmanager. The partition in question is /dev/sdb2.
What i need is to mount several directories from any other partiton (or file system) as a new merge file system that can grow or decrease depending on the free space. As if it was a dinamic RAID,so i can work with huge files distributed over the partitions mounted.
