Accessing an ecryptfs filesystem on a LVM group (Synology encrypted drive)

/, Embedded Systems and Micro controllers/Accessing an ecryptfs filesystem on a LVM group (Synology encrypted drive)

Accessing an ecryptfs filesystem on a LVM group (Synology encrypted drive)

I was in need today to access one of my older Synology hard drives, that I had encrypted before. As I have no slot currently available in my NAS, so I tried to access it through an Ubuntu Linux via USB connection.

First of all, the encrypted device is on a LVM (Logical Volume Manager 2 Member), as it was part of a raid cluster. Second it was encrypted using ecryptfs.

So I started to try to mount the raid volume first. I needed the mdadm software installed.  There will be a pop up asking for the desired mail configuration. Just switch to “no configuration” and hit “Ok” here, as it is not important what you choose here (in fact, I just booted from a live DVD). After installation I tried to re-assemble the array.

After that, I tried to mount the disc the „common“ way – I encountered the following error:

A simple

is resulting in the following output, stating, that the md3 has an invalid partition table:

After taking a look to the way LVM handled partitions, I move further on with the next step, wheer we will get the the LVM mounted a different way. Let´s  start with scanning for all logical volumes:

So, we found something, but it is inactive. Let´s get it active by:

Here we used the device-mapper kernel module to get it right. Now we are ready to mount this partion where we need it. So, after mounting I got access to the device again. First part solved so far.

Now dealing with the encryption

There is a great tutorial available (in German), so I will just summarize all necessary steps here. Installing the ecryptfs-utils first, followed by mounting them with the normal mount command.

You will be asked to enter the passphrase used for encryption. This is not your user password, but the actual phrase you used before to encypt your shared folder.

You will be asked a couple of questions, just choose:

  • “ AES cipher”
  • “32 bytes key size” (non standard answer!)
  • “ y for Enable plaintext pass-through” (non standard answer!)
  • “ y for Enable filename encryption”  (non standard answer!)
  • Now accept with Enter and proceed the warning

Now you should be able can access your data.[/fusion_builder_column][/fusion_builder_row][/fusion_builder_container]

Leave A Comment