LUKS volume doesn't recognize password after unexpected shutdown

Time0 · 2023-10-22 15:45:50

I've been using the current setup for 2 months as my main system. There were no problems unlocking the root volume on boot (grub, UEFI) all this time.

After a routine boot, the system froze in the search bar of GNOME DE. I forced shutdown, booted again, system asks for LUKS key. Since now I've had no success unlocking the volume with my password. I tried unlocking it on an installation medium of arch and chroot into it, but cryptsetup also wouldn't recognize my password, saying "no key available with this passphrase". There's no doubt I'm typing the password correctly. I do not load any other keyboard layout, even if so I tried unlocking the volume on another system.

Is there any way to recover data stored on my disk? I have valuable data stored there, including the work data.
If not, how can I prevent this from happening in the future?

Thank you

frostschutz · 2023-10-22 16:27:22

Is there any way to recover data stored on my disk?

If the header is irrecoverably damaged, then no. I did a write up of how to repair one over here, but it might not help in your situation: https://unix.stackexchange.com/a/741850/30851 - at most you could use it to check if your metadata is still valid, and if your key material is random data or not... (if it's not there's no point to keep trying anything)

Unfortunately you're already ruling out everything I can think of - argon2 is sensitive to bad memory which leads to exactly "no key available" but you said you tried it on another system too, so it shouldn't be that (unless both your systems got bad ram).

There was this issue recently (powerloss during luksChangeKey) https://bbs.archlinux.org/viewtopic.php?id=289104 but if that was your issue you would already have mentioned it.

Did you check cryptsetup luksDump? If there is more than one keyslot in use, try all passphrases you have for them.

If not, how can I prevent this from happening in the future?

It's not supposed to happen at all. That said a single bad sector can kill an entire LUKS device.

Backup your files... and your LUKS headers, partition tables, metadata.

Last edited by frostschutz (2023-10-22 16:28:51)

Time0 · 2023-12-09 19:42:54

Update: I was able to decrypt my LUKS volume! I was hopeless but decided to give your instruction (https://unix.stackexchange.com/a/741850/30851) a shot, booted to the arch installation medium. Just before I began, I tried to unlock the volume, entered my passphrase and surprisingly it has actually decrypted...

I can't wrap my head around this. As described in my original post, I've made ton of attempts to decrypt it the regular way. I'm left clueless.

Thanks for the reply forstschutz! I followed your advice and backed up my LUKS header and all sensible files. Guess the lesson is: backup your data.

frostschutz · 2023-12-09 20:24:07

If you believe that you typed the correct passphrase and LUKS didn't accept it regardless, run a memtest. LUKS 2 (argon2id key) is sensitive to memory related issues. (Edit: whoops, it was already mentioned earlier).

Anyways, good you could recover it.

Last edited by frostschutz (2023-12-09 20:25:49)

Arch Linux

#1 2023-10-22 15:45:50

LUKS volume doesn't recognize password after unexpected shutdown

#2 2023-10-22 16:27:22

Re: LUKS volume doesn't recognize password after unexpected shutdown

#3 2023-12-09 19:42:54

Re: LUKS volume doesn't recognize password after unexpected shutdown

#4 2023-12-09 20:24:07

Re: LUKS volume doesn't recognize password after unexpected shutdown

Board footer