Forgotten LUKS passphrase

linux passphrase password-recovery

i am stuck with a big problem.

I have encrypted my linux drive with LUKS and now I can't remember it. During boot, it prompts me for the passphrase, but I went into troubleshooting mode and deleted the entry from /etc/crypttab so at least I can boot now into my account but that doesn't solve the problem. I can't access my drive /dev/sda5.

Can someone please show me a way to crack the passphrase or is there no way around it.


Solution 1:

There is no way around it. That the whole point of encryption in the first place.

You will have to erase the partition and start over, all data is lost.

Solution 2:

Unless you chose to make a backup of the encryption key during the installation (if installed using the alternate installer of Ubuntu for example), then you're the only capable of decrypting the key on the disk to unlock the volume.

No way to recover from the volume. Recover from backups.

As @DietrichEpp mentioned: this is the whole point encryption in the first place. Nobody should be able to read your data unless the correct key/passphrase is provided, including yourself.

Solution 3:

I have created a Windows program that will perform a dictionary attack on Luks volumes. http://code.google.com/p/luks-volume-cracker/ Its slow by design!

Solution 4:

Use brute-force if you remember enough information about password. I wrote script that call

echo 'passwordcandidate' | cryptsetup luksOpen /dev/sda5 test

If the exit code is 0 then the password is correct. If the exit code is 2 try next. With 4 threads on 4-core CPU the speed is 1 password/s.

The fastest method to brute-force the LUKS disk I found is Hashcat. Now it supports LUKS. Example for the combination of two wordlists:

hashcat64.bin -m 14600 -a 1 /dev/sda5 start.dict end.dict

On my GeForce GT 720M the speed is 50 password/s.

If you have access to the more powerful computer, you can take only the first 2 MB from your luks-disk.

dd if=/dev/sda5 of=luks-header-hashcat-sda5 bs=512 count=4097
hashcat64.bin -m 14600 -a 1 luks-header-hashcat-sda5 start.dict end.dict

Read more https://hashcat.net/forum/thread-6225.html

Related

How can I list cancelled/declined meetings? [duplicate]
Mac Text Editor (with function list) [duplicate]
What does end of Windows XP support in 2014/04 mean for the end users?
Will I suffer any major drawback(s) if I have the drive formatted as FAT-32
Brand new laptop, two years in storage, will the battery be ok?
Chrome does not follow hosts file
How do I sync grouped Windows Store apps between devices?
How to disable the light sensor on a Vaio laptop
Is there a performance advantage in having my HDD split into partitions? [duplicate]
Empty folder has 3.46 GB. Why?
How do I do a search in File Explorer that includes subfolders of zip archives?
Vacation Response Loop