Accessing an ecryptfs filesystem on a LVM group (Synology encrypted drive)

/, Embedded Systems and Micro controllers/Accessing an ecryptfs filesystem on a LVM group (Synology encrypted drive)

Accessing an ecryptfs filesystem on a LVM group (Synology encrypted drive)

I was in need today to access one of my older Synology hard drives, that I had encrypted before. As I have no slot currently available in my NAS, so I tried to access it through an Ubuntu Linux via USB connection.

First of all, the encrypted device is on a LVM (Logical Volume Manager 2 Member), as it was part of a raid cluster. Second it was encrypted using ecryptfs.

So I started to try to mount the raid volume first. I needed the mdadm software installed.  There will be a pop up asking for the desired mail configuration. Just switch to “no configuration” and hit “Ok” here, as it is not important what you choose here (in fact, I just booted from a live DVD). After installation I tried to re-assemble the array.

sudo apt-get update
sudo apt-get install mdadm
sudo mdadm --assemble –scan
sudo mkdir /path/to/data

After that, I tried to mount the disc the „common“ way – I encountered the following error:

mount: unknown filesystem type ‘LVM2_member’

A simple

sudo fdisk -l

is resulting in the following output, stating, that the md3 has an invalid partition table:

Disk /dev/sdb: 2000.4 GB, 2000398934016 bytes
255 heads, 63 sectors/track, 243201 cylinders, total 3907029168 sectors Units = sectors of 1 * 512 = 512 bytes Sector size (logical/physical): 512 bytes / 512 bytes I/O size (minimum/optimal): 512 bytes / 512 bytes Disk identifier: 0x0007cd12

   Device Boot      Start         End      Blocks   Id  System
/dev/sdb1             256     4980735     2490240   fd  Linux raid autodetect
/dev/sdb2         4980736     9175039     2097152   fd  Linux raid autodetect
/dev/sdb3         9437184  3907015007  1948788912    f  W95 Ext'd (LBA)
/dev/sdb5         9453280  3907015007  1948780864   fd  Linux raid autodetect

Disk /dev/md3: 1995.6 GB, 1995550359552 bytes
2 heads, 4 sectors/track, 487194912 cylinders, total 3897559296 sectors Units = sectors of 1 * 512 = 512 bytes Sector size (logical/physical): 512 bytes / 512 bytes I/O size (minimum/optimal): 512 bytes / 512 bytes Disk identifier: 0x00000000

Disk /dev/md3 doesn't contain a valid partition table

After taking a look to the way LVM handled partitions, I move further on with the next step, wheer we will get the the LVM mounted a different way. Let´s  start with scanning for all logical volumes:

seiler@seiler-VirtualBox:/$ sudo lvscan
inactive          '/dev/vg1001/lv' 
[1.81 TiB] inherit

So, we found something, but it is inactive. Let´s get it active by:

seiler@seiler-VirtualBox:/$ sudo modprobe dm-mod
seiler@seiler-VirtualBox:/$ sudo vgchange -ay
 1 logical volume(s) in volume group "vg1001" now active 
seiler@seiler-VirtualBox:/$ sudo lvscan
ACTIVE '/dev/vg1001/lv' [1.81 TiB] inherit

Here we used the device-mapper kernel module to get it right. Now we are ready to mount this partion where we need it. So, after mounting I got access to the device again. First part solved so far.

Now dealing with the encryption

There is a great tutorial available (in German), so I will just summarize all necessary steps here. Installing the ecryptfs-utils first, followed by mounting them with the normal mount command.

sudo apt-get install ecryptfs-utils
sudo mount -t ecryptfs /path/to/your/@Folder@ /mnt/YourFolder

You will be asked to enter the passphrase used for encryption. This is not your user password, but the actual phrase you used before to encypt your shared folder.

You will be asked a couple of questions, just choose:

  • “ AES cipher”
  • “32 bytes key size” (non standard answer!)
  • “ y for Enable plaintext pass-through” (non standard answer!)
  • “ y for Enable filename encryption”  (non standard answer!)
  • Now accept with Enter and proceed the warning

Now you should be able can access your data.

2019-01-03T16:47:22+02:00Tags: , , |

Share This Story, Choose Your Platform!

Leave A Comment