Rescuing encrypted system


#1

I can get into the rescue environment by Ctrl-N ing at boot time, but there seems to be no way of decrypting my partitions. Any ideas? I use cryptsetup with Luks.


#2

Hi Tony,

I think in this situation (authorisation to log into cloud account etc.) you should email the support team with this one! If you consider it to be urgent, if you add [URGENT] to the start of the subject line, it will be picked up by the on-call engineer and they’ll try help the best they can!

Thanks,
Tim


#3

Not urgent. I’m playing with a soon to be dumped BigV machine.

I have booted into the rescue environment, but cannot find any tools to open my encrypted partition, so the I can then load LVM and mount /.

I had assumed that it would be easy! Ignorance is bliss.


#4

Once you’re in the netboot environment you should be able to use apt-get as normal, so you should be able to install the LUKS tools with (for example): apt-get install cryptsetup-bin

Once that’s done you should be able to use cryptsetup luksOpen as normal.


#5

Maybe I’m not in netboot then!

I am using the VNC serial console and when I hit the CTRL-N button it took me into what it claimed was a rescue system. It didn’t have the top level menu that is in the documentation.

apt-get xxx just says apt-get not found.


#6

We’ve very very recently (last few days) swapped to an alpine based netboot environment from a Debian one.

Try running
apk add cryptsetup


#7

Holey moley. It works.

I’m all for moving forwards, but I’d appreciate up to date documentation.

I’ve slept peacefully for years knowing that if things went badly, I could just netboot and poke around and fix things.

As an exercise I tried it, and failed.

I’m pleased that there’s been a lot of useful feedback her, but if it were an emergency, things could have gone badly, and I’m not sure that this would really come under the umberella of emergency out of hours support.

Is there somewhere I can look to get an overview on the new rescue environment?

Many thanks anyway. Bytemark still rocks.


#8

From your point of view what’s changed is the distribution it’s based off.

Debian was getting a bit large to be run entirely in ram on a 1GB VM

At this moment in time I can point you towards https://wiki.alpinelinux.org/wiki/Alpine_Linux_package_management

Although yes we do need to update the documentation too.