Resurrecting a GELI volume
Alex Bramley
a.bramley at gmail.com
Sun Dec 3 12:22:40 PST 2006
On 12/3/06, Pawel Jakub Dawidek <pjd at freebsd.org> wrote:
> On Sun, Dec 03, 2006 at 07:32:29PM +0000, Alex Bramley wrote:
> > Hi,
> >
> > First, please CC me in any replies to the list, as I am (temporarily)
> > off list due to moving jobs.
> >
> > I accidentally overwrote the metadata of a GELI volume by using geli
> > init on the wrong device node (never try to do sysadmin tasks when
> > hungover). I have the correct key and passphrase, and I would like to
> > know whether it is possible to regain access to my lost data. I have
> > already tried running init again on the volume with the correct key
> > and passphrase, but (somewhat unsurprisingly) to no avail. Any
> > assistance would be much appreciated.
>
> Passphrase is only used to encrypt the master key, which is stored in
> metadata. That means you overwrote the master key and I'm afraid your
> data is lost if you haven't backed the master key up before (with 'geli
> backup').
I don't suppose you could put some kind of check in to make this kind
of slip more difficult to achieve in future? I can't see many times
where you'd want to re-init an already encrypted volume. Hopefully it
won't be too difficult to taste the volume for already existing
metadata and ask for confirmation if it exists...
Many Thanks,
Alex
More information about the freebsd-geom
mailing list