Rescue an encrypted LUKS LVM volume

Sponsored Link
This tutorial is for people who have encrypted their main volumes of their hard drives using the method offered by the Alternate CD installer.

First you need to Boot into a Live CD environment and open up a terminal window. (applications-->accessories--->terminal)

Install required packages using the following command

sudo apt-get install lvm2 cryptsetup

probe required module using the following command

sudo modprobe dm-crypt

setup the crypto module to recognise the partition

sudo cryptsetup luksOpen /dev/hda5 crypt1

Enter your passphrase. You should get the following message:

key slot 0 unlocked.
Command successful.
If not, something has gone wrong.

Scan for volume groups

sudo vgscan --mknodes
sudo vgchange -ay

REMEMBER the name of the volume group, as you will need it later.

Create a mount point

sudo mkdir /volume

mount the encrypted volume to the mountpoint you just created.

sudo mount /dev/paulb-desktop/root /volume

The volume is mounted, now you can chroot or whatever else you need to do. If you would like to open the gnome file manager for writing to it issue the following command:

sudo nautilus /volume

Sponsored Link

You may also like...

10 Responses

  1. Ubuntu User says:

    I’ve just installed Ubuntu 8.04 on a encrypted partition with lvm a few days ago and wondered how to do this, if something goes wrong.
    Never worked with lvm before…

  2. moebus says:

    Thanks a lot,
    I’ve just broke my fedora system and was unable to access my LUKS-LVM “/” partition untill I found you tutorial.

    you make me very happy!

  3. an0nym0use says:

    I have SATA(hda) hdd with Ubuntu 8.10 + lvm + encrypt
    /dev/sda1 * 1 60770 488134993+ 83 Linux
    /dev/sda2 60771 60801 249007+ 5 Extended
    /dev/sda5 60771 60801 248976 83 Linux

    On other Ubuntu 8.10
    andruffka@andruffka:~$ sudo cryptsetup luksOpen /dev/sda5 crypt1
    Command failed: Can not access device

    what’s wrong?

  4. an0nym0use says:

    wow, my encrypted volume is sda1, not sda5
    and mount command like “sudo mount /dev/mapper/LABEL-root /media/MOUNTPOINT”

  5. denali206 says:

    Unfortunately, I can’t get this to work from the live cd. Unknown command apt-get.

  6. jcypher says:

    denali206, use aptitude instead of apt-get, it’s the same functionality.

  7. heh says:

    Much appreciated. Without this I would have had to re-install fedora.

  8. glesshoppa says:

    In my situation, I had an encrypted system and /home folder and lost video configuration. While I was never able to restore my video configuration. Despite the fact that I tried every related forum entry I could find. I finally decided to reinstall to my system partition leaving the others intact. During reinstall I opted to not mount my /home drive hoping to mount and reconnect it after re-install. In short is it possible to unlock and then remount a formerly encrypted /home volume? If so I have a question. I noticed after reinstall that even after mounting the “old” /home folder It was not able to access it. I found your forum and the above “how-to” When I used your how-to I noticed I was never able to access or unlock any volumes. I then noticed that the /home folder was not mounted. Does the encrypted volume need to be mounted at the time of the scan? Thanks in advance for your help.


  9. felix says:

    I tried this and couldn’t get it to work. All attempts at entering password rejected. Have entered it every day for years.
    sudo vgscan –mknodes
    udo vgchange -ay
    both returned “No volume groups found”

    Have one volume group within a dm-crypt

    Any ideas

  10. felix says:

    Got it working now, Keying in the password I was hitting the right letters on the keyboard but the ‘normal’ system was a UK keyboard, the rescue system a US one so the displayed ( and entered ) passwords were differnet.

Leave a Reply

Your email address will not be published. Required fields are marked *