How to recover key after using LuksRemovekey?

Question

I have an encrypted partition on /dev/sda5, yesterday I use cryptsetup to remove the encryption using cryptsetup luksRemovekey /dev/sda5, but when I restart I have to provide a passphrase for decryption ? (I use the old one but I have this message : No key available with this passphrase) when I switch to initramfs mode : I have all key slot disabled ? (using cryptsetup luksDump /dev/sda5)

Thank you in advance

Sorry, are you saying that you removed the very last key? That there are now no valid keys? — MadHatter, Aug 13 '14 at 09:28
Yes, and now I have access to my system only by initframfs mode ! — midobAck, Aug 13 '14 at 09:43

score 3 · Answer 1 · answered Aug 13 '14 at 11:28

Sorry, as far as I can tell from your question, you've destroyed your system.

You've removed the last key. The passphrases of stored keys aren't the encryption key; those are randomly generated, then in turn encrypted with the specified passphrase. So when you removed the last key, you removed the last stored (encrypted) key to decrypt the FS.

One of the bad things about ordinary people having industrial-strength crypto is that when you lose your keys, your data is gone.

If, as I suspect, your root partition is on the sda5 device, not only is everything that was on that device now lost to you, your system is unbootable as well. Reinstall, restore your data from backups, and learn a valuable lesson.

score -1 · Answer 2 · answered Aug 13 '14 at 11:03

-1

Check this out:

http://alvinabad.wordpress.com/2012/09/22/how-to-recover-a-luks-encrypted-disk/

Maybe it will help.

answered Aug 13 '14 at 11:03

Marc Stürmer

1,904
13
15

Thank you Marc, but it's not the case for me, if you look at the solution you have one slot is enabled "key slot 0: ENABLED" and the other ones are DISABLED, for me I have all key slot DISABLED ! – midobAck Aug 13 '14 at 11:28

How to recover key after using LuksRemovekey?

2 Answers2