Encryption password help

Shinookami

New Member
Joined
Feb 11, 2022
Messages
4
Reaction score
1
Credits
36
Hello so I'm having trouble getting into my Linux computer I have the hard drive and everything encrypted and I cannot remember my hard drive encryption password and was trying to see if anyone knows how reset the password from the grub menu or if I have to have my live disc in order to do so
 


Then you lost that data.

If there was a way to bypass encryption, it'd not really be good encryption now would it?

You can try 'brute force' methods, but those can take *decades* to complete, though made quite a bit faster if you can recall part(s) of the original password.

In the real world, the data is gone. Count this as a valuable lesson and be glad you didn't spend 2800 on a college course to learn it.

Sorry about your data loss. Seriously, consider this a learning opportunity and never make this mistake again.
 
Yep without the passphrase you are "up a creek without a paddle" as the saying goes - there is a way to remove/convert the LUKS key but that does noting about the encryption - you still need the original passphrase to modify it if it is LUKS1 encryption there is a way to recover the password from LUKS1 but if it is LUKS2 that is stored directly in the kernel


The only way to fix it without a passphrase- reformat and reload
 
As I re-read my post, it comes off colder sounding than I intended. My bad. That was not intentional.

I empathize to some extent. People don't necessarily understand encryption as well as they could. When you're opting to encrypt your drive during the installation, maybe the installer could explain the risk in a few short sentences.

For encryption to be any good, it can't be undone without the passphrase. That's the whole point, really. If it were easy to bypass, like ROT13 for example, we'd not use it for things like full disk encryption.
 
Wonder if they backed up the LUKS header? Well anyway here is how to do it thought I would just throw this out there in case anyone needs the info

Making the long story short, if your LUKS header gets damaged/corrupted, all data is gone. To prevent this from happening, you need to create a header backup. This can be done by issuing the following command:

Code:
sudo cryptsetup luksHeaderBackup <device> --header-backup-file <file>

Where <device> is a LUKS volume disk and <file> is a name of a header backup file to be created. In this case the LUKS is on an external HD - mine as a matter of fact this is how I back it up

Code:
sudo cryptsetup luksHeaderBackup /dev/sdb1 --header-backup-file /root/sdb1-header-backup

The file is now in the /root folder which is hidden and you need root access to get to it from there you can move it to anywhere else like to a thumb drive if you choose

Note: It is often recommended to backup the headers securely, i.e. on a encrypted drive. However, “I put mine on /boot, as this is an unencrypted partition, and the file is small (2MiB).
There’s no great security loss in this – anyone with physical access (or root access) to your device can simply dump the header anyway so it don't matter by using the above command. If you’re really worried though, save it somewhere safe.

In case of disaster where our LUKS header gets broken, you can restore it by issuing the following command:

Code:
sudo cryptsetup luksHeaderRestore <device> --header-backup-file <file>
So in my case that would be since I moved it to /boot
Code:
sudo cryptsetup luksHeaderRestore /dev/sdb1--header-backup-file /boot/sdb1-header-backup
this will restore the dameged/corrputed LUKS header

NOTE: LUKS header restoration procedure will replace all key-slots, therefore only the passphrases from the backup will work afterwards!
 
Hello so I'm having trouble getting into my Linux computer I have the hard drive and everything encrypted and I cannot remember my hard drive encryption password and was trying to see if anyone knows how reset the password from the grub menu or if I have to have my live disc in order to do so
To help those better understand I have Linux mint 20. Something or other and I'm using grub to do so it's not the hard drive that's encrypted it's the hard drive files it was put on there at installation from a iOS file burned onto a flash drive as a bootable drive if that helps I understand some not all but some things when it comes to hacking messed around with that for a bit never could sit down and just learn on my own
 
files it was put on there at installation from a iOS file burned onto a flash drive as a bootable drive
So let me get this straight you burned MAC (iOS) boot files onto a thumb drive to install Linux? If so why?
Also you said "and I'm using grub to do so" using grub for what exactly?
To find out what Linux Mint version you are running open the terminal and type in
Code:
inxi -Fxz
this will output info about you machine and OS.

If the encrypted files are in your home directory you can do the following

Log in to the live environment from your Live USB and ensure the partition containing your encrypted home directory is mounted. You can easily mount it by clicking It in the file manager – you’ll see an eject (unmount) icon, indicating the partition is mounted.

Next, start the terminal and run the following command to search your mounted file systems for encrypted private directories

Code:
sudo ecryptfs-recover-private

The command will offer to recover an encrypted directory if it locates one
If it finds it the command will mount the encrypted directory in your /tmp directory.

You’ll be able to access your files from the Nemo window running as root. From here, you can then copy the files to an external hard drive or another location. You must copy the files from /tmp directory before you reboot otherwise they will be deleted upon the next restart
 
Last edited by a moderator:
No I downloaded a iso of Linux mint 20. (Cinnamon) and Grub is what was installed on my computer when I wiped the drive and had the iso install/portion the hard drive for me. When I did the install of it I did it in compatibly mode
 

Staff online

Members online


Latest posts

Top