0

Iam trying to recover my data and need help/advice on how to do it. The details of my issue are as below

My disk was partitioned as below -

  • sda1 - 487MB, primary bootable type 83
  • sda2 - 240G , extended type 5
  • sda5 - 240G type 83

sda5 was LUKS encrypted and had -

  • 1VG - kali-vg
  • 1PV - /dev/mapper/cr-ext
  • 4 LVs -
    • kali-vg--root - 50GiB
    • kali-vg--home - <154GiB
    • kali-vg--var - <29.09GiB
    • kali-vg--tmp - <5.86GiB
    • kali-vg--swap_1 - 976MiB

I was trying to shrink and move my logical volumes on LUKS encrypted partitions as per the below blogs -

https://linux-blog.anracom.com/2018/11/09/shrinking-an-encrypted-partition-with-lvm-on-luks/ https://matthiaslee.com/moving-a-luks-encrypted-lvm-with-dd-and-sfdisk/ However, I did all the steps but after reboot , was faced with the grub rescue screen. I tried to correct it by mounting a live kalicd and running testdisk . During running testdisk, I accidentally wrote the testdisk MBR to my disk . On the next reboot , I ended up with initramfs. Like an idiot, I again mounted from live CD and tried to revert the steps I had followed to shrink the LVs. In this process, I extended the LVs but got the "

Bad magic number in super-block e2fsck: Superblock invalid, trying backup blocks... e2fsck: Bad magic number in super-block while trying to open /dev/sda5 The superblock could not be read or does not describe a valid ext2/ext3/ext4 filesystem. If the device is valid and it really contains an ext2/ext3/ext4 filesystem (and not swap or ufs or something else), then the superblock is corrupt, and you might try running e2fsck with an alternate superblock:

error. Running mke2fs.ext4 -n /dev/sda5 gave me some superblocks but e2fsck on these also did not help. To solve this, again stupidly, thinking I need to recreate the filesystems, I ran the mkfs.ext4 and I think now I have lost the data on disk as well . I tried using fdisk and parted to see if I can retrieve the old MBR,partitions but nothing works. I managed to take a clone of the entire disk using clonezilla to an external hard drive but every time I reboot, i get the 1234F: on boot.I am now looking at some options to at least recover my data from the clonezilla backup

Regards, praveenpanth

OK, I managed to copy the data now but not able to paste the full list due to size restrictions , how can I do it ?

┌──(root㉿kali)-[~] └─# sudo hexdump -C /dev/sda |grep -i luks 1e800400 4c 55 4b 53 ba be 00 02 00 00 00 00 00 00 40 00 |LUKS..........@.| 1e801410 3a 7b 22 74 79 70 65 22 3a 22 6c 75 6b 73 32 22 |:{"type":"luks2"| 1e805410 3a 7b 22 74 79 70 65 22 3a 22 6c 75 6b 73 32 22 |:{"type":"luks2"| 1e900000 4c 55 4b 53 ba be 00 02 00 00 00 00 00 00 40 00 |LUKS..........@.| 1e901010 3a 7b 22 74 79 70 65 22 3a 22 6c 75 6b 73 32 22 |:{"type":"luks2"| 1e905010 3a 7b 22 74 79 70 65 22 3a 22 6c 75 6b 73 32 22 |:{"type":"luks2"| 20eed000 0d f5 4c 55 6b 53 04 85 d7 29 43 90 f4 d2 31 40 |..LUkS...)C...1@| 290fe7a0 8f b4 61 37 2c 4c 55 4b 73 ed c3 83 91 aa 2a 50 |..a7,LUKs.....*P| 6a182bd0 31 bc 4c 75 4b 53 fe 61 41 5a e9 75 35 33 9f c4 |1.LuKS.aAZ.u53..| 6ace2b60 f6 12 2a 63 66 7d 65 80 a8 da 4c 55 4b 73 6a 5d |..*cf}e...LUKsj]| 732e3b10 ed 6c 55 4b 53 b9 7e f5 bb ee d3 f6 48 13 58 a9 |.lUKS.~.....H.X.| 85884f30 af 6a 80 e5 d3 07 45 fe 9b 18 04 33 4c 55 6b 73 |.j....E....3LUks| 88595100 83 82 6c be d0 fe a8 8f 99 4c 75 6b 53 db 22 19 |..l......LukS.".| 936c39a0 c2 40 0a fe ba 1c d3 e5 92 dd 00 c9 4c 55 4b 53 |[email protected]| 93b31890 fd 37 e3 87 d5 01 6c 75 4b 53 23 28 9d a8 fb 8b |.7....luKS#(....| 95856e50 cb 73 98 bc 44 29 c8 e2 86 ea a8 6c 55 6b 53 e2 |.s..D).....lUkS.| 9e995c00 4c 55 4b 53 ba be 00 02 00 00 00 00 00 00 40 00 |LUKS..........@.| 9e996c10 3a 7b 22 74 79 70 65 22 3a 22 6c 75 6b 73 32 22 |:{"type":"luks2"| 9e99ac10 3a 7b 22 74 79 70 65 22 3a 22 6c 75 6b 73 32 22 |:{"type":"luks2"| a0f82c00 0d f5 4c 55 6b 53 04 85 d7 29 43 90 f4 d2 31 40 |..LUkS...)C...1@| a91943a0 8f b4 61 37 2c 4c 55 4b 73 ed c3 83 91 aa 2a 50 |..a7,LUKs.....*P| ea2187d0 31 bc 4c 75 4b 53 fe 61 41 5a e9 75 35 33 9f c4 |1.LuKS.aAZ.u53..| ead78760 f6 12 2a 63 66 7d 65 80 a8 da 4c 55 4b 73 6a 5d |..*cf}e...LUKsj]| f3379710 ed 6c 55 4b 53 b9 7e f5 bb ee d3 f6 48 13 58 a9 |.lUKS.~.....H.X.| 10591ab30 af 6a 80 e5 d3 07 45 fe 9b 18 04 33 4c 55 6b 73 |.j....E....3LUks| 10862ad00 83 82 6c be d0 fe a8 8f 99 4c 75 6b 53 db 22 19 |..l......LukS.".| 1137595a0 c2 40 0a fe ba 1c d3 e5 92 dd 00 c9 4c 55 4b 53 |[email protected]| 113bc7490 fd 37 e3 87 d5 01 6c 75 4b 53 23 28 9d a8 fb 8b |.7....luKS#(....| 1158eca50 cb 73 98 bc 44 29 c8 e2 86 ea a8 6c 55 6b 53 e2 |.s..D).....lUkS.| 11ea2b800 4c 55 4b 53 ba be 00 02 00 00 00 00 00 00 40 00 |LUKS..........@.| 11ea2c810 3a 7b 22 74 79 70 65 22 3a 22 6c 75 6b 73 32 22 |:{"type":"luks2"| 11ea30810 3a 7b 22 74 79 70 65 22 3a 22 6c 75 6b 73 32 22 |:{"type":"luks2"| 121018800 0d f5 4c 55 6b 53 04 85 d7 29 43 90 f4 d2 31 40 |..LUkS...)C...1@| 129229fa0 8f b4 61 37 2c 4c 55 4b 73 ed c3 83 91 aa 2a 50 |..a7,LUKs.....*P| 16a2ae3d0 31 bc 4c 75 4b 53 fe 61 41 5a e9 75 35 33 9f c4 |1.LuKS.aAZ.u53..| 16ae0e360 f6 12 2a 63 66 7d 65 80 a8 da 4c 55 4b 73 6a 5d |..*cf}e...LUKsj]| 17340f310 ed 6c 55 4b 53 b9 7e f5 bb ee d3 f6 48 13 58 a9 |.lUKS.~.....H.X.| 1859b0730 af 6a 80 e5 d3 07 45 fe 9b 18 04 33 4c 55 6b 73 |.j....E....3LUks| 1886c0900 83 82 6c be d0 fe a8 8f 99 4c 75 6b 53 db 22 19 |..l......LukS.".| 1937ef1a0 c2 40 0a fe ba 1c d3 e5 92 dd 00 c9 4c 55 4b 53 |[email protected]| 193c5d090 fd 37 e3 87 d5 01 6c 75 4b 53 23 28 9d a8 fb 8b |.7....luKS#(....| 195982650 cb 73 98 bc 44 29 c8 e2 86 ea a8 6c 55 6b 53 e2 |.s..D).....lUkS.| 19eac1400 4c 55 4b 53 ba be 00 02 00 00 00 00 00 00 40 00 |LUKS..........@.| 19eac2410 3a 7b 22 74 79 70 65 22 3a 22 6c 75 6b 73 32 22 |:{"type":"luks2"| 19eac6410 3a 7b 22 74 79 70 65 22 3a 22 6c 75 6b 73 32 22 |:{"type":"luks2"| 1a10ae400 0d f5 4c 55 6b 53 04 85 d7 29 43 90 f4 d2 31 40 |..LUkS...)C...1@| 1a92bfba0 8f b4 61 37 2c 4c 55 4b 73 ed c3 83 91 aa 2a 50 |..a7,LUKs.....*P| 1ea343fd0 31 bc 4c 75 4b 53 fe 61 41 5a e9 75 35 33 9f c4 |1.LuKS.aAZ.u53..| 1eaea3f60 f6 12 2a 63 66 7d 65 80 a8 da 4c 55 4b 73 6a 5d |..*cf}e...LUKsj]| 1f34a4f10 ed 6c 55 4b 53 b9 7e f5 bb ee d3 f6 48 13 58 a9 |.lUKS.~.....H.X.| 205a46330 af 6a 80 e5 d3 07 45 fe 9b 18 04 33 4c 55 6b 73 |.j....E....3LUks| 208756500 83 82 6c be d0 fe a8 8f 99 4c 75 6b 53 db 22 19 |..l......LukS.".| 213884da0 c2 40 0a fe ba 1c d3 e5 92 dd 00 c9 4c 55 4b 53 |[email protected]| 213cf2c90 fd 37 e3 87 d5 01 6c 75 4b 53 23 28 9d a8 fb 8b |.7....luKS#(....| 215a18250 cb 73 98 bc 44 29 c8 e2 86 ea a8 6c 55 6b 53 e2 |.s..D).....lUkS.| 21eb57000 4c 55 4b 53 ba be 00 02 00 00 00 00 00 00 40 00 |LUKS..........@.| 21eb58010 3a 7b 22 74 79 70 65 22 3a 22 6c 75 6b 73 32 22 |:{"type":"luks2"| 21eb5c010 3a 7b 22 74 79 70 65 22 3a 22 6c 75 6b 73 32 22 |:{"type":"luks2"| 221144000 0d f5 4c 55 6b 53 04 85 d7 29 43 90 f4 d2 31 40 |..LUkS...)C...1@| 2293557a0 8f b4 61 37 2c 4c 55 4b 73 ed c3 83 91 aa 2a 50 |..a7,LUKs.....*P| 26a3d9bd0 31 bc 4c 75 4b 53 fe 61 41 5a e9 75 35 33 9f c4 |1.LuKS.aAZ.u53..| 26af39b60 f6 12 2a 63 66 7d 65 80 a8 da 4c 55 4b 73 6a 5d |..*cf}e...LUKsj]| 27353ab10 ed 6c 55 4b 53 b9 7e f5 bb ee d3 f6 48 13 58 a9 |.lUKS.~.....H.X.| 285adbf30 af 6a 80 e5 d3 07 45 fe 9b 18 04 33 4c 55 6b 73 |.j....E....3LUks| 2887ec100 83 82 6c be d0 fe a8 8f 99 4c 75 6b 53 db 22 19 |..l......LukS.".| 29391a9a0 c2 40 0a fe ba 1c d3 e5 92 dd 00 c9 4c 55 4b 53 |[email protected]| 293d88890 fd 37 e3 87 d5 01 6c 75 4b 53 23 28 9d a8 fb 8b |.7....luKS#(....| 295aade50 cb 73 98 bc 44 29 c8 e2 86 ea a8 6c 55 6b 53 e2 |.s..D).....lUkS.| 29ebecc00 4c 55 4b 53 ba be 00 02 00 00 00 00 00 00 40 00 |LUKS..........@.| 29ebedc10 3a 7b 22 74 79 70 65 22 3a 22 6c 75 6b 73 32 22 |:{"type":"luks2"| 29ebf1c10 3a 7b 22 74 79 70 65 22 3a 22 6c 75 6b 73 32 22 |:{"type":"luks2"| 2a11d9c00 0d f5 4c 55 6b 53 04 85 d7 29 43 90 f4 d2 31 40 |..LUkS...)C...1@| 2a93eb3a0 8f b4 61 37 2c 4c 55 4b 73 ed c3 83 91 aa 2a 50 |..a7,LUKs.....*P| 2ea46f7d0 31 bc 4c 75 4b 53 fe 61 41 5a e9 75 35 33 9f c4 |1.LuKS.aAZ.u53..| 2eafcf760 f6 12 2a 63 66 7d 65 80 a8 da 4c 55 4b 73 6a 5d |..*cf}e...LUKsj]| 2f35d0710 ed 6c 55 4b 53 b9 7e f5 bb ee d3 f6 48 13 58 a9 |.lUKS.~.....H.X.| 305b71b30 af 6a 80 e5 d3 07 45 fe 9b 18 04 33 4c 55 6b 73 |.j....E....3LUks| 308881d00 83 82 6c be d0 fe a8 8f 99 4c 75 6b 53 db 22 19 |..l......LukS.".| 3139b05a0 c2 40 0a fe ba 1c d3 e5 92 dd 00 c9 4c 55 4b 53 |[email protected]| 313e1e490 fd 37 e3 87 d5 01 6c 75 4b 53 23 28 9d a8 fb 8b |.7....luKS#(....| 315b43a50 cb 73 98 bc 44 29 c8 e2 86 ea a8 6c 55 6b 53 e2 |.s..D).....lUkS.| 31ec82800 4c 55 4b 53 ba be 00 02 00 00 00 00 00 00 40 00 |LUKS..........@.| 31ec83810 3a 7b 22 74 79 70 65 22 3a 22 6c 75 6b 73 32 22 |:{"type":"luks2"| 31ec87810 3a 7b 22 74 79 70 65 22 3a 22 6c 75 6b 73 32 22 |:{"type":"luks2"| 32126f800 0d f5 4c 55 6b 53 04 85 d7 29 43 90 f4 d2 31 40 |..LUkS...)C...1@| 329480fa0 8f b4 61 37 2c 4c 55 4b 73 ed c3 83 91 aa 2a 50 |..a7,LUKs.....*P| 36a5053d0 31 bc 4c 75 4b 53 fe 61 41 5a e9 75 35 33 9f c4 |1.LuKS.aAZ.u53..| 36b065360 f6 12 2a 63 66 7d 65 80 a8 da 4c 55 4b 73 6a 5d |..*cf}e...LUKsj]| 373666310 ed 6c 55 4b 53 b9 7e f5 bb ee d3 f6 48 13 58 a9 |.lUKS.~.....H.X.| 385c07730 af 6a 80 e5 d3 07 45 fe 9b 18 04 33 4c 55 6b 73 |.j....E....3LUks| 388917900 83 82 6c be d0 fe a8 8f 99 4c 75 6b 53 db 22 19 |..l......LukS.".| 393a461a0 c2 40 0a fe ba 1c d3 e5 92 dd 00 c9 4c 55 4b 53 |[email protected]| 393eb4090 fd 37 e3 87 d5 01 6c 75 4b 53 23 28 9d a8 fb 8b |.7....luKS#(....| 395bd9650 cb 73 98 bc 44 29 c8 e2 86 ea a8 6c 55 6b 53 e2 |.s..D).....lUkS.| 39ed18400 4c 55 4b 53 ba be 00 02 00 00 00 00 00 00 40 00 |LUKS..........@.| 39ed19410 3a 7b 22 74 79 70 65 22 3a 22 6c 75 6b 73 32 22 |:{"type":"luks2"| 39ed1d410 3a 7b 22 74 79 70 65 22 3a 22 6c 75 6b 73 32 22 |:{"type":"luks2"| 3a1305400 0d f5 4c 55 6b 53 04 85 d7 29 43 90 f4 d2 31 40 |..LUkS...)C...1@| 3a9516ba0 8f b4 61 37 2c 4c 55 4b 73 ed c3 83 91 aa 2a 50 |..a7,LUKs.....*P| 3ea59afd0 31 bc 4c 75 4b 53 fe 61 41 5a e9 75 35 33 9f c4 |1.LuKS.aAZ.u53..| 3eb0faf60 f6 12 2a 63 66 7d 65 80 a8 da 4c 55 4b 73 6a 5d |..*cf}e...LUKsj]| 3f36fbf10 ed 6c 55 4b 53 b9 7e f5 bb ee d3 f6 48 13 58 a9 |.lUKS.~.....H.X.| 405c9d330 af 6a 80 e5 d3 07 45 fe 9b 18 04 33 4c 55 6b 73 |.j....E....3LUks| 4089ad500 83 82 6c be d0 fe a8 8f 99 4c 75 6b 53 db 22 19 |..l......LukS.".| 413adbda0 c2 40 0a fe ba 1c d3 e5 92 dd 00 c9 4c 55 4b 53 |[email protected]| 413f49c90 fd 37 e3 87 d5 01 6c 75 4b 53 23 28 9d a8 fb 8b |.7....luKS#(....| 415c6f250 cb 73 98 bc 44 29 c8 e2 86 ea a8 6c 55 6b 53 e2 |.s..D).....lUkS.| 41edae000 4c 55 4b 53 ba be 00 02 00 00 00 00 00 00 40 00 |LUKS..........@.| 41edaf010 3a 7b 22 74 79 70 65 22 3a 22 6c 75 6b 73 32 22 |:{"type":"luks2"| 41edb3010 3a 7b 22 74 79 70 65 22 3a 22 6c 75 6b 73 32 22 |:{"type":"luks2"| 42139b000 0d f5 4c 55 6b 53 04 85 d7 29 43 90 f4 d2 31 40 |..LUkS...)C...1@| 4295ac7a0 8f b4 61 37 2c 4c 55 4b 73 ed c3 83 91 aa 2a 50 |..a7,LUKs.....*P| 46a630bd0 31 bc 4c 75 4b 53 fe 61 41 5a e9 75 35 33 9f c4 |1.LuKS.aAZ.u53..| 46b190b60 f6 12 2a 63 66 7d 65 80 a8 da 4c 55 4b 73 6a 5d |..*cf}e...LUKsj]| 473791b10 ed 6c 55 4b 53 b9 7e f5 bb ee d3 f6 48 13 58 a9 |.lUKS.~.....H.X.| 485d32f30 af 6a 80 e5 d3 07 45 fe 9b 18 04 33 4c 55 6b 73 |.j....E....3LUks| 488a43100 83 82 6c be d0 fe a8 8f 99 4c 75 6b 53 db 22 19 |..l......LukS.".| 493b719a0 c2 40 0a fe ba 1c d3 e5 92 dd 00 c9 4c 55 4b 53 |[email protected]| 493fdf890 fd 37 e3 87 d5 01 6c 75 4b 53 23 28 9d a8 fb 8b |.7....luKS#(....| 495d04e50 cb 73 98 bc 44 29 c8 e2 86 ea a8 6c 55 6b 53 e2 |.s..D).....lUkS.| 49ee43c00 4c 55 4b 53 ba be 00 02 00 00 00 00 00 00 40 00 |LUKS..........@.| 49ee44c10 3a 7b 22 74 79 70 65 22 3a 22 6c 75 6b 73 32 22 |:{"type":"luks2"| 49ee48c10 3a 7b 22 74 79 70 65 22 3a 22 6c 75 6b 73 32 22 |:{"type":"luks2"| 4a1430c00 0d f5 4c 55 6b 53 04 85 d7 29 43 90 f4 d2 31 40 |..LUkS...)C...1@| 4a96423a0 8f b4 61 37 2c 4c 55 4b 73 ed c3 83 91 aa 2a 50 |..a7,LUKs.....*P| 4ea6c67d0 31 bc 4c 75 4b 53 fe 61 41 5a e9 75 35 33 9f c4 |1.LuKS.aAZ.u53..| 4eb226760 f6 12 2a 63 66 7d 65 80 a8 da 4c 55 4b 73 6a 5d |..*cf}e...LUKsj]| 4f3827710 ed 6c 55 4b 53 b9 7e f5 bb ee d3 f6 48 13 58 a9 |.lUKS.~.....H.X.| 505dc8b30 af 6a 80 e5 d3 07 45 fe 9b 18 04 33 4c 55 6b 73 |.j....E....3LUks| 508ad8d00 83 82 6c be d0 fe a8 8f 99 4c 75 6b 53 db 22 19 |..l......LukS.".| 513c075a0 c2 40 0a fe ba 1c d3 e5 92 dd 00 c9 4c 55 4b 53 |[email protected]| 514075490 fd 37 e3 87 d5 01 6c 75 4b 53 23 28 9d a8 fb 8b |.7....luKS#(....| 515d9aa50 cb 73 98 bc 44 29 c8 e2 86 ea a8 6c 55 6b 53 e2 |.s..D).....lUkS.| 51eed9800 4c 55 4b 53 ba be 00 02 00 00 00 00 00 00 40 00 |LUKS..........@.| 51eeda810 3a 7b 22 74 79 70 65 22 3a 22 6c 75 6b 73 32 22 |:{"type":"luks2"| 51eede810 3a 7b 22 74 79 70 65 22 3a 22 6c 75 6b 73 32 22 |:{"type":"luks2"| 5214c6800 0d f5 4c 55 6b 53 04 85 d7 29 43 90 f4 d2 31 40 |..LUkS...)C...1@| 5296d7fa0 8f b4 61 37 2c 4c 55 4b 73 ed c3 83 91 aa 2a 50 |..a7,LUKs.....*P| 56a75c3d0 31 bc 4c 75 4b 53 fe 61 41 5a e9 75 35 33 9f c4 |1.LuKS.aAZ.u53..| 56b2bc360 f6 12 2a 63 66 7d 65 80 a8 da 4c 55 4b 73 6a 5d |..*cf}e...LUKsj]| 5738bd310 ed 6c 55 4b 53 b9 7e f5 bb ee d3 f6 48 13 58 a9 |.lUKS.~.....H.X.| 585e5e730 af 6a 80 e5 d3 07 45 fe 9b 18 04 33 4c 55 6b 73 |.j....E....3LUks| 588b6e900 83 82 6c be d0 fe a8 8f 99 4c 75 6b 53 db 22 19 |..l......LukS.".| 593c9d1a0 c2 40 0a fe ba 1c d3 e5 92 dd 00 c9 4c 55 4b 53 |[email protected]| 59410b090 fd 37 e3 87 d5 01 6c 75 4b 53 23 28 9d a8 fb 8b |.7....luKS#(....| 595e30650 cb 73 98 bc 44 29 c8 e2 86 ea a8 6c 55 6b 53 e2 |.s..D).....lUkS.| 59ef6f400 4c 55 4b 53 ba be 00 02 00 00 00 00 00 00 40 00 |LUKS..........@.| 59ef70410 3a 7b 22 74 79 70 65 22 3a 22 6c 75 6b 73 32 22 |:{"type":"luks2"| 59ef74410 3a 7b 22 74 79 70 65 22 3a 22 6c 75 6b 73 32 22 |:{"type":"luks2"| 5a155c400 0d f5 4c 55 6b 53 04 85 d7 29 43 90 f4 d2 31 40 |..LUkS...)C...1@| 5a976dba0 8f b4 61 37 2c 4c 55 4b 73 ed c3 83 91 aa 2a 50 |..a7,LUKs.....*P| 5ea7f1fd0 31 bc 4c 75 4b 53 fe 61 41 5a e9 75 35 33 9f c4 |1.LuKS.aAZ.u53..| 5eb351f60 f6 12 2a 63 66 7d 65 80 a8 da 4c 55 4b 73 6a 5d |..*cf}e...LUKsj]| 5f3952f10 ed 6c 55 4b 53 b9 7e f5 bb ee d3 f6 48 13 58 a9 |.lUKS.~.....H.X.| 605ef4330 af 6a 80 e5 d3 07 45 fe 9b 18 04 33 4c 55 6b 73 |.j....E....3LUks| 608c04500 83 82 6c be d0 fe a8 8f 99 4c 75 6b 53 db 22 19 |..l......LukS.".| 613d32da0 c2 40 0a fe ba 1c d3 e5 92 dd 00 c9 4c 55 4b 53 |[email protected]| 6141a0c90 fd 37 e3 87 d5 01 6c 75 4b 53 23 28 9d a8 fb 8b |.7....luKS#(....| 615ec6250 cb 73 98 bc 44 29 c8 e2 86 ea a8 6c 55 6b 53 e2 |.s..D).....lUkS.| 61f005000 4c 55 4b 53 ba be 00 02 00 00 00 00 00 00 40 00 |LUKS..........@.| 61f006010 3a 7b 22 74 79 70 65 22 3a 22 6c 75 6b 73 32 22 |:{"type":"luks2"| 61f00a010 3a 7b 22 74 79 70 65 22 3a 22 6c 75 6b 73 32 22 |:{"type":"luks2"| 6215f2000 0d f5 4c 55 6b 53 04 85 d7 29 43 90 f4 d2 31 40 |..LUkS...)C...1@| 6298037a0 8f b4 61 37 2c 4c 55 4b 73 ed c3 83 91 aa 2a 50 |..a7,LUKs.....*P| 66a887bd0 31 bc 4c 75 4b 53 fe 61 41 5a e9 75 35 33 9f c4 |1.LuKS.aAZ.u53..| ......................................................... Output of luksDump /dev/sda5 - LUKS header information Version: 2 Epoch: 3 Metadata area: 16384 [bytes] Keyslots area: 16744448 [bytes] UUID: 3b14b69e-12df-4b45-9bc9-14a93d891c6d Label: (no label) Subsystem: (no subsystem) Flags: (no flags) Data segments: 0: crypt offset: 16777216 [bytes] length: (whole device) cipher: aes-xts-plain64 sector: 512 [bytes] Keyslots: 0: luks2 Key: 512 bits Priority: normal Cipher: aes-xts-plain64 Cipher key: 512 bits PBKDF: argon2i Time cost: 4 Memory: 144079 Threads: 2 Salt: 0e 98 67 c7 40 87 78 39 b2 08 fe 6c d1 db a9 c5 0f 72 fe 96 32 57 7b e0 d3 06 0e 9d a6 7c fa 53 AF stripes: 4000 AF hash: sha256 Area offset:32768 [bytes] Area length:258048 [bytes] Digest ID: 0 Tokens: Digests: 0: pbkdf2 Hash: sha256 Iterations: 32443 Salt: b0 ff 2a b0 97 ce 63 05 2e ef d2 53 34 76 ec b9 f3 c0 96 3d b0 8f 56 9c f3 db 73 e2 b9 8a 27 4c Digest: 60 c3 da 90 87 8f aa c6 12 0e 1d 66 60 9e a0 38 2b 65 d7 42 27 9e 1b df 52 bd 80 62 af 43 18 06
Improve this question
9
  • 3
    mkfs.ext4 trim/discards all data by default, so if sda is SSD, it might be gone completely from that alone. Even without discard, mkfs.ext4 is quite deadly to the LUKS header. Not much you can do, unless you happen to have a header backup from before this accident. Commented Nov 3 at 22:30
  • 2
    Same answer as last time. You've overwritten the LUKS header and unless you happen to have a backup of this somewhere (not the key, but the header) there will be no way back Commented Nov 3 at 22:31
  • 3
    Tell us that in your question. It's really important Commented Nov 4 at 7:30
  • 1
    Hi Chris , do you want me to list out the output from hexdump ? Pls clarify and I will try to get that information across Commented Nov 4 at 15:04
  • 1
    Is there a way I can upload attachments ? I can upload the whole text as a file Commented Nov 9 at 15:20

1 Answer 1

Reset to default
2

Your /dev/sda5 seems to be a LUKS-encrypted LVM physical volume (in other words, LVM-on-LUKS configuration), and running e2fsck /dev/sda5 is not the right thing to do. Fortunately, it detected that by itself and stopped before doing any damage.

mke2fs.ext4 -n /dev/sda5 does not do any damage either, because the -n option makes it to only simulate what it would normally do, without writing anything.

1234F at boot suggests the disk now contains a Syslinux MBR code within its Master Boot Record: this might mean you cloned individual partitions and not the whole disk. On systems booting in BIOS style, modern GRUB normally installs its core image outside any partitions, in the gap between the MBR and the beginning of the first partition. As a result, your clone is now missing a part of its bootloader, and it would need to be booted on another media, have the encryption unlocked, LVM activated, filesystem(s) mounted, then chrooted into and have its bootloader fixed.

Your LUKS key data seems fine. The problem is, you seem to be misunderstanding your system configuration and targeting wrong devices and/or missing some necessary steps as a result.

While booting from another media, you'll have to:

  1. unlock the encryption: cryptsetup open --type luks /dev/sda5 cr-ext and enter your disk encryption passphrase. This should cause the /dev/mapper/cr-ext device to appear.

  2. ensure the LVM volumes have been activated: vgchange -ay. If something is wrong at the LVM layer, this command will tell you. If successful, the /dev/mapper/kali--vg-* devices should now appear. If

  3. If you want/need to check your filesystems, you can do it at this point. You should use the LVM logical volumes as the e2fsck targets, not the encrypted LUKS partition /dev/sda5 and not the unlocked LVM PV /dev/mapper/cr-ext.

So:

e2fsck /dev/mapper/kali--vg-root e2fsck /dev/mapper/kali--vg-home e2fsck /dev/mapper/kali--vg-var e2fsck /dev/mapper/kali--vg-tmp

The swap LV /dev/mapper/kali--vg-swap_1 does not contain a filesystem, and the data within is useful for forensic analysis only at this point. We can ignore it.

  1. Mount your filesystem(s):
mkdir -p /mnt mount /dev/mapper/kali--vg-root /mnt mount /dev/mapper/kali--vg-home /mnt/home mount /dev/mapper/kali--vg-var /mnt/var mount /dev/mapper/kali--vg-tmp /mnt/tmp
  1. At this point, your damaged system should be accessible under /mnt and you should be able to recover data from it. For example:
mkdir -p /some/where/safe # pick a suitable location cp -r /mnt/home/* /some/where/safe/ # home directories cd /mnt tar jcvf /some/where/safe/etc-configuration.tar.bz2 etc #system config from /etc cp -r /mnt/root /some/where/safe/ # root's home directory ... # anything else you might need?
  1. To make the image bootable, you'll need to chroot into it and reinstall the bootloader. Assuming the default GRUB bootloader is used, the steps needed would be:
mount -o rbind,rw /dev /mnt/dev mount -o rbind,rw /proc /mnt/proc mount -o rbind,rw /sys /mnt/sys chroot /mnt /bin/bash # now your session is within the system-to-be-recovered grub-install /dev/sda # verify you're doing this to the correct disk!!!

Finally, to clean up all of this gracefully: (not strictly necessary, but a good habit anyway)

exit # exit from chroot umount /mnt/sys umount /mnt/proc umount /mnt/dev umount /mnt/tmp umount /mnt/var umount /mnt/home umount /mnt vgchange -an kali-vg cryptsetup close cr-ext
Improve this answer
4
  • Hi telcoM , Thanks for your answers. I am able to open only the root volume but for all the others , I get "mount: /mnt/home:wrong fs type,bad option,bad superblock on /dev/mapper/kali--vg-home,missing codepage or helper program,or other error.dmesg(12) may have more information after failed mount system call.dmesg has "FAT-fs(dm-5):invalid media value(0x65)can't find a valid FAT filesystem followed by EXT4-fs(dm-5):VFS: can't find ext4 filesystem" Commented Nov 10 at 0:09
  • The messages in dmesg are the result of the kernel trying all filesystem drivers in turn to mount the logical volume (because filesystem type was not specified with the mount command), but it looks like there is no recognizable filesystem on the disk. You could try file recovery tools like PhotoRec (often packaged together with testdisk) if any files can be recovered. You tried to shrink and move partitions: if the partitioning tool ran a DISCARD/TRIM operation on the "freed" space, I'm afraid your data is probably unrecoverable. Lesson: always backups before partition surgery. Commented Nov 10 at 0:56
  • Ohh , I had run photorec as well and got around ~29000 files . However, is there any way to check/confirm if the DISCARD/TRIM was run?Also,if there are any commands I can run to query for what data is present on the disk? Commented Nov 10 at 1:05
  • Hi telcoM, I followed the blogs - linux-blog.anracom.com/2018/11/09/… matthiaslee.com/moving-a-luks-encrypted-lvm-with-dd-and-sfdisk and did not face any errors. Is there a way I can check if the data has been deleted from disk ? Please let me know. Commented Nov 11 at 0:12

You must log in to answer this question.

Start asking to get answers

Find the answer to your question by asking.

Ask question

Explore related questions

See similar questions with these tags.