I was in need today to access one of my older Synology hard drives, that I had encrypted before. As I have no slot currently available in my NAS, so I tried to access it through an Ubuntu Linux via USB connection.
First of all, the encrypted device is on a LVM (Logical Volume Manager 2 Member), as it was part of a raid cluster. Second it was encrypted using ecryptfs.
So I started to try to mount the raid volume first. I needed the mdadm software installed. There will be a pop up asking for the desired mail configuration. Just switch to “no configuration” and hit “Ok” here, as it is not important what you choose here (in fact, I just booted from a live DVD). After installation I tried to re-assemble the array.
|
1 2 3 4 5 |
sudo apt-get update sudo apt-get install mdadm sudo mdadm --assemble –scan <em>sudo mkdir /path/to/data </em> |
After that, I tried to mount the disc the „common“ way – I encountered the following error:
|
1 |
mount: unknown filesystem type ‘LVM2_member’ |
A simple
|
1 |
sudo fdisk -l |
is resulting in the following output, stating, that the md3 has an invalid partition table:
|
1 2 3 4 5 6 7 8 9 10 11 12 13 |
Disk /dev/sdb: 2000.4 GB, 2000398934016 bytes 255 heads, 63 sectors/track, 243201 cylinders, total 3907029168 sectors Units = sectors of 1 * 512 = 512 bytes Sector size (logical/physical): 512 bytes / 512 bytes I/O size (minimum/optimal): 512 bytes / 512 bytes Disk identifier: 0x0007cd12 Device Boot Start End Blocks Id System /dev/sdb1 256 4980735 2490240 fd Linux raid autodetect /dev/sdb2 4980736 9175039 2097152 fd Linux raid autodetect /dev/sdb3 9437184 3907015007 1948788912 f W95 Ext'd (LBA) /dev/sdb5 9453280 3907015007 1948780864 fd Linux raid autodetect Disk /dev/md3: 1995.6 GB, 1995550359552 bytes 2 heads, 4 sectors/track, 487194912 cylinders, total 3897559296 sectors Units = sectors of 1 * 512 = 512 bytes Sector size (logical/physical): 512 bytes / 512 bytes I/O size (minimum/optimal): 512 bytes / 512 bytes Disk identifier: 0x00000000 Disk /dev/md3 doesn't contain a valid partition table |
After taking a look to the way LVM handled partitions, I move further on with the next step, wheer we will get the the LVM mounted a different way. Let´s start with scanning for all logical volumes:
|
1 2 |
seiler@seiler-VirtualBox:/$ sudo lvscan inactive '/dev/vg1001/lv' [fusion_builder_container hundred_percent="yes" overflow="visible"][fusion_builder_row][fusion_builder_column type="1_1" background_position="left top" background_color="" border_size="" border_color="" border_style="solid" spacing="yes" background_image="" background_repeat="no-repeat" padding="" margin_top="0px" margin_bottom="0px" class="" id="" animation_type="" animation_speed="0.3" animation_direction="left" hide_on_mobile="no" center_content="no" min_height="none"][1.81 TiB] inherit |
So, we found something, but it is inactive. Let´s get it active by:
|
1 2 3 4 5 |
seiler@seiler-VirtualBox:/$ sudo modprobe dm-mod seiler@seiler-VirtualBox:/$ sudo vgchange -ay 1 logical volume(s) in volume group "vg1001" now active seiler@seiler-VirtualBox:/$ sudo lvscan ACTIVE '/dev/vg1001/lv' [1.81 TiB] inherit |
Here we used the device-mapper kernel module to get it right. Now we are ready to mount this partion where we need it. So, after mounting I got access to the device again. First part solved so far.
Now dealing with the encryption…
There is a great tutorial available (in German), so I will just summarize all necessary steps here. Installing the ecryptfs-utils first, followed by mounting them with the normal mount command.
|
1 2 |
sudo apt-get install ecryptfs-utils sudo mount -t ecryptfs /path/to/your/@Folder@ /mnt/YourFolder |
You will be asked to enter the passphrase used for encryption. This is not your user password, but the actual phrase you used before to encypt your shared folder.
You will be asked a couple of questions, just choose:
- “ AES cipher”
- “32 bytes key size” (non standard answer!)
- “ y for Enable plaintext pass-through” (non standard answer!)
- “ y for Enable filename encryption” (non standard answer!)
- Now accept with Enter and proceed the warning
Now you should be able can access your data.[/fusion_builder_column][/fusion_builder_row][/fusion_builder_container]
Leave A Comment