In case the Linux box doesn’t boot, and it has full disk encryption using true-crypt, then follow along to get those partitions loaded, mounted, etc…
First of all if your system isn’t booting, you’ll have to boot from a Linux live media (cd, usb, etc). Then you’ll have the task of designating what partitions to decrypt, and finally you’ll be able to mount the partitions and work on them as expected.
Determine the drive specs:
fdisk -l
In the case of an encrypted file system, you typically have the following schema:
Device Boot Start End Blocks Id System
/dev/sda1 * x x x 83 Linux
/dev/sda2 x x x 5 extended
/dev/sda5 x x x 83 Linux
In this example, sda1 is bootable (and usually quite small)… This would typically be your unencrypted boot volume.
sda2 extended –> This partition is an extended one… Thus just a container for the logical volume below it.
sda5 Linux. –> This would typically be your encrypted file system, thus this is the one you will be working with.
First, you have to use the internet and bring the packages (not typically on a live media).
apt-get update
apt-get install hashalot lvm2
Now to decrypt it.
cryptsetup luksOpen /dev/sda5 crypt
(You’ll then be prompted for your passphrase) –> Or key if you are using a key-file instead.
Once it is unlocked successfully, it will say “Key slot X unlocked.”
If you haven’t dealt with this in awhile, or can’t remember the name of the VG(s). No problem.
type “vgs
” (this will display the name of the Volume Group, # of Physical Volumes, Attributes, Volume Size, and Volume Free.
Once you have this info, you are then ready to mount and work with it.
A good place to start is with Logical Volumes, to see what they are called issue:
lvs
That command will list all of the logical volumes, attributes and Logical Volume Sizes.
So now we are ready to do the work.
First, let’s create a directory to work from. (mkdir -p /mnt/recovery/boot
)
Then we’ll mount them:
mount /dev/mapper/VGNAME-LVNAME /mnt/recovery
in my test case, it’s “mount /dev/mapper/myvg-root /mnt/recovery
”
then if we have to mess around with the inability to boot, then we’ll want to mount the boot volume.
mount /dev/mapper/sda2 /mnt/recover/boot
NOTE: If in the above steps you get errors indicating that the special device /dev/mapper/myvg-root doesn’t exist, then you have to do the following steps:
vgscan --mknodes
vgchange -ay
Confirm by typing: ls -l /dev/mapper
If you have to do some work with the boot environment, like mucking about with grub, and update-grub doesn’t work do the following:
mount --bind /dev /mnt/recovery/dev
now do a chroot.
chroot /mnt/recovery
Now, you have to mount some important file systems.
mount -t proc proc /proc
mount -t sysfs sys /sys
mkdir /dev/pts
mount -t devpts devpts /dev/pts
Now update-grub
should work. (Depends on /dev, so it has to be there… in chroot environment, has to be mounted as “mount –bind” line above (outside of chroot ).