Author

Topic: Data Recovery - Tails/Luks - help will pay 1BTC! (Read 949 times)

newbie
Activity: 7
Merit: 0
Thank you. I have an image of the drive here but not uploaded any where yet. Do you think that is safe to do so?
I understand it is encrypted but even so?
Ah, i see, you have btc on it. (i thought just you have important mail/data/etc on usb).

Basectly, it's encrypted, so you can share the encrypted data (same situation, if someone stole your usb)...


Yeah man, two wallets. Had the seed of one backed up, not the other. It is on there on a text file somewhere!
That is all I need. I have recovered the other shit, well most of it from different places and can live without the rest but
them damn coins Sad
hero member
Activity: 525
Merit: 531
Thank you. I have an image of the drive here but not uploaded any where yet. Do you think that is safe to do so?
I understand it is encrypted but even so?
Ah, i see, you have btc on it. (i thought just you have important mail/data/etc on usb).

Basectly, it's encrypted, so you can share the encrypted data (same situation, if someone stole your usb)...
newbie
Activity: 7
Merit: 0
Blkid wont work.

Im being told it is not a LUKS device?
newbie
Activity: 7
Merit: 0

Run:
blkid /dev/sdc2

Edit:
/etc/crypttab

Find:
sdc2_crypt UUID=  .......

Are they the same?


Thanks. On ubuntu or on tails itself. I am assuming ubuntu?
Either way I will report back later.
full member
Activity: 238
Merit: 100
★YoBit.Net★ 350+ Coins Exchange & Dice

Run:
blkid /dev/sdc2

Edit:
/etc/crypttab

Find:
sdc2_crypt UUID=  .......

Are they the same?
newbie
Activity: 7
Merit: 0
I got as far as fdisk -l

The tails USB shows up as dev/sdc1
IT says "Warning GPT (GUID Partition table) detected on "dev/sdc'! The util fdisk doesnt support GPT. Use GNU parted.

In gnome, the usb shows the first part as a tails OS and I can mount that, the second part as 'dev/sdc2' and it says "TailsData unknown" which is more than it says in tails. No option to mount or enter password.

I am now lost.
sr. member
Activity: 412
Merit: 287
Ubuntu is configured to detect these volumes, normally it'll ask you for the password if you pop it in (not in Tails).  Obviously if there is damage, you'll have to do more. Hopefully it's just a case of Tails moving the option somewhere..

For starters, have a look at the Ubuntu manual for LUKS. https://help.ubuntu.com/community/EncryptedFilesystemsOnRemovableStorage It shows you how to create these volumes, and mount them by hand.

Insert your usb and do `dmesg | tail -n 20` to quickly learn the device.
`sudo fdisk -l /dev/` to see the partition layout (lowercase L)
`sudo cryptsetup luksOpen /dev/ map_my_usb`
Should prompt for your password.

`sudo mkdir /media/my_usb && mount /dev/mapper/map/ /media/my_usb`

If this worked, you're in! If not, you have bigger problems.

https://www.lisenet.com/2013/luks-add-keys-backup-and-restore-volume-header/ Covers your LUKS header, which if damaged, means cryptsetup doesn't have the metadata required to derive the key..

I managed to get access with a huge amount of effort, but this article appeared to go into some thing you can do to fix corruption: http://blog.miketoscano.com/?p=72

Good luck!
newbie
Activity: 7
Merit: 0
Thank you. I have an image of the drive here but not uploaded any where yet. Do you think that is safe to do so?
I understand it is encrypted but even so?
hero member
Activity: 525
Merit: 531
create a dd image from the usb driver, upload it to somewhere (dropbox, googledrive)
newbie
Activity: 7
Merit: 0
Hi there, I may have been registered on here before but I cant actually remember so for now we will go with me being a newbie! Hi all Smiley

Firstly mods, I do hope this is allowed and I also hope it is in a suitable section.

Long story short, had a tails USB drive, all was well. One day I plugged it in and the option to enable persistence in the greeter was not there.
It was not there after many attempts. It no longer shows as "encrypted" and it shows as "unknown", same story if you look at it from another tails.

I have explained it in detail here:

http://www.reddit.com/r/tails/comments/3abl7q/tails_14_persistence_vanished_help/

http://www.reddit.com/r/datarecovery/comments/3b2x3n/luks_lost_header/

As mentioned in the links, if anyone can get into it I can give at least 1BTC to them.

I know I should have had it backed up! This has been killing me all week. I look forward to the replies.
Jump to: