Softraid Encryption ?Corruption after Power Failure/Unclean Shutdown
Was wondering if someone could help me out of a peculiar situation
I have an external USB HDD encrypted with softraid which went
a recent power failure. Upon booting up the system, bioctl asked
me for a
"New Passphrase" when trying to mount the disk. I'm assuming the
failure/unclean shutdown possibly corrupted something and now bioctl
doesn't recognise the existing encrypted partition.
1) I went ahead and
entered the exact same passphrase as used before and
bioctl asked for
re-confirmation which I entered again. It then did something
and the HDD
chugged away for a bit (<1min).
2) I then tried to mount the partition but got
an "Invalid Argument" from
mount_ffs. I then had a look at the disk with
disklabel and there was only
3) I then recreated the
disklabel from the relevant backup in /var/backups
making sure the offsets and
sectors etc were right. Still would not mount.
4) I then fscked (interactive)
the relevant partition and fsck claimed the
superblock was wrong/missing and
could not find any alternative super-
5) I then ran testdisk and
photorec (data recovery software
see if there was anything
recognizable on the partition (softraid-decrypted)
at all. Photorec found
1 file which turned out to be a false positive.
think the problem here would be at the softraid layer. Is there anything that
can be done to restore the drive? I know the original passphrase, encryption
parameters, disklabel parameters, block size, reserved space, etc and have
newfs-ed the drive since creating it originally.
Re: Softraid Encryption ?Corruption after Power Failure/Unclean Shutdown
On Fri, Sep 16, 2011 at 05:38:59PM -0700, Tom wrote:
> I think the problem here would be at the softraid layer. Is there anything
> can be done to restore the drive? I know the original passphrase,
> parameters, disklabel parameters, block size, reserved space, etc and have
> not newfs-ed the drive since creating it originally.
I'm afraid your data is lost. When you entered a "new" passphrase, a new
random encryption key was created and stored (encrypted with the
passphrase) at the same location as the old one (see
/usr/src/sys/dev/softraid_crypto.c, line 571 and line 576). That means
the old encryption key has been overwritten and your disk content
reduced to bit rubbish. I just hope there wasn't too much important data
on the partition...
[demime 1.01d removed an attachment of type application/pgp-signature]