Mounting an encrypted LVM
From Klaus' wiki
If you want to mount an encrypted LVM disk on another system, for instance for recovery, follow this procedure:
First attach the disk to the system and identify the device
]# fdisk -l
Disk /dev/sda: 320.1 GB, 320072933376 bytes 255 heads, 63 sectors/track, 38913 cylinders, total 625142448 sectors Units = sectors of 1 * 512 = 512 bytes Sector size (logical/physical): 512 bytes / 512 bytes I/O size (minimum/optimal): 512 bytes / 512 bytes Disk identifier: 0xa028d32f Device Boot Start End Blocks Id System /dev/sda1 * 2048 1026047 512000 83 Linux /dev/sda2 1026048 625141759 312057856 8e Linux LVM Disk /dev/sdb: 1000.2 GB, 1000204886016 bytes 255 heads, 63 sectors/track, 121601 cylinders, total 1953525168 sectors Units = sectors of 1 * 512 = 512 bytes Sector size (logical/physical): 512 bytes / 512 bytes I/O size (minimum/optimal): 512 bytes / 512 bytes Disk identifier: 0x00077ade Device Boot Start End Blocks Id System /dev/sdb1 * 63 401624 200781 83 Linux /dev/sdb2 401625 1953520064 976559220 8e Linux LVM Disk /dev/dm-0: 53.7 GB, 53687091200 bytes 255 heads, 63 sectors/track, 6527 cylinders, total 104857600 sectors Units = sectors of 1 * 512 = 512 bytes Sector size (logical/physical): 512 bytes / 512 bytes I/O size (minimum/optimal): 512 bytes / 512 bytes Disk identifier: 0x00000000 Disk /dev/dm-0 doesn't contain a valid partition table Disk /dev/dm-1: 5167 MB, 5167382528 bytes 255 heads, 63 sectors/track, 628 cylinders, total 10092544 sectors Units = sectors of 1 * 512 = 512 bytes Sector size (logical/physical): 512 bytes / 512 bytes I/O size (minimum/optimal): 512 bytes / 512 bytes Disk identifier: 0x00000000 Disk /dev/dm-1 doesn't contain a valid partition table Disk /dev/dm-2: 260.7 GB, 260684382208 bytes 255 heads, 63 sectors/track, 31693 cylinders, total 509149184 sectors Units = sectors of 1 * 512 = 512 bytes Sector size (logical/physical): 512 bytes / 512 bytes I/O size (minimum/optimal): 512 bytes / 512 bytes Disk identifier: 0x00000000 Disk /dev/dm-2 doesn't contain a valid partition table
it is probably /dev/sdb
]# lvmdiskscan
/dev/ram0 [ 16.00 MiB] /dev/root [ 50.00 GiB] /dev/ram1 [ 16.00 MiB] /dev/sda1 [ 500.00 MiB] /dev/vg_klauslenovo/lv_swap [ 4.81 GiB] /dev/ram2 [ 16.00 MiB] /dev/sda2 [ 297.60 GiB] LVM physical volume /dev/vg_klauslenovo/lv_home [ 242.78 GiB] /dev/ram3 [ 16.00 MiB] /dev/ram4 [ 16.00 MiB] /dev/ram5 [ 16.00 MiB] /dev/ram6 [ 16.00 MiB] /dev/ram7 [ 16.00 MiB] /dev/ram8 [ 16.00 MiB] /dev/ram9 [ 16.00 MiB] /dev/ram10 [ 16.00 MiB] /dev/ram11 [ 16.00 MiB] /dev/ram12 [ 16.00 MiB] /dev/ram13 [ 16.00 MiB] /dev/ram14 [ 16.00 MiB] /dev/ram15 [ 16.00 MiB] /dev/sdb1 [ 196.08 MiB] /dev/sdb2 [ 931.32 GiB] 3 disks 19 partitions 0 LVM physical volume whole disks 1 LVM physical volume
in this case its the /dev/sdb2 partition we're after. It encrypted, so we need to give it a password to open it:
]# cryptsetup luksOpen /dev/sdb2 luks-fedora
if it returns without errors issue:
]# lvmdiskscan
once again and notice the difference:
/dev/ram0 [ 16.00 MiB] /dev/root [ 50.00 GiB] /dev/ram1 [ 16.00 MiB] /dev/sda1 [ 500.00 MiB] /dev/vg_klauslenovo/lv_swap [ 4.81 GiB] /dev/ram2 [ 16.00 MiB] /dev/sda2 [ 297.60 GiB] LVM physical volume /dev/vg_klauslenovo/lv_home [ 242.78 GiB] /dev/ram3 [ 16.00 MiB] /dev/mapper/luks-fedora [ 931.32 GiB] LVM physical volume /dev/ram4 [ 16.00 MiB] /dev/ram5 [ 16.00 MiB] /dev/ram6 [ 16.00 MiB] /dev/ram7 [ 16.00 MiB] /dev/ram8 [ 16.00 MiB] /dev/ram9 [ 16.00 MiB] /dev/ram10 [ 16.00 MiB] /dev/ram11 [ 16.00 MiB] /dev/ram12 [ 16.00 MiB] /dev/ram13 [ 16.00 MiB] /dev/ram14 [ 16.00 MiB] /dev/ram15 [ 16.00 MiB] /dev/sdb1 [ 196.08 MiB] /dev/sdb2 [ 931.32 GiB] 3 disks 19 partitions 1 LVM physical volume whole disk 1 LVM physical volume
the /dev/mapper/luks-fedora device is new!
Next insert a module in the kernel
]# modprobe dm-mod
We're almost there, be patient.
We can see issuing lvscan, that the volumes are not active:
]# lvscan
inactive '/dev/VolGroup00/LogVol00' [195.31 GiB] inherit inactive '/dev/VolGroup00/LogVol02' [732.03 GiB] inherit inactive '/dev/VolGroup00/LogVol01' [3.94 GiB] inherit ACTIVE '/dev/vg_klauslenovo/lv_root' [50.00 GiB] inherit ACTIVE '/dev/vg_klauslenovo/lv_home' [242.78 GiB] inherit ACTIVE '/dev/vg_klauslenovo/lv_swap' [4.81 GiB] inherit
so we have to make them active by issuing:
]# vgchange -ay
3 logical volume(s) in volume group "VolGroup00" now active /dev/mapper/VolGroup00-LogVol02 not set up by udev: Falling back to direct node creation. /dev/mapper/VolGroup00-LogVol01 not set up by udev: Falling back to direct node creation. The link /dev/VolGroup00/LogVol02 should had been created by udev but it was not found. Falling back to direct link creation. The link /dev/VolGroup00/LogVol01 should had been created by udev but it was not found. Falling back to direct link creation. 3 logical volume(s) in volume group "vg_klauslenovo" now active
]# lvscan
ACTIVE '/dev/VolGroup00/LogVol00' [195.31 GiB] inherit ACTIVE '/dev/VolGroup00/LogVol02' [732.03 GiB] inherit ACTIVE '/dev/VolGroup00/LogVol01' [3.94 GiB] inherit ACTIVE '/dev/vg_klauslenovo/lv_root' [50.00 GiB] inherit ACTIVE '/dev/vg_klauslenovo/lv_home' [242.78 GiB] inherit ACTIVE '/dev/vg_klauslenovo/lv_swap' [4.81 GiB] inherit
Now the partition we're interested in are active available for mounting. But since its a encrypted logical volume we'll have to find it in /dev/mapper
]# cd /dev/mapper ]# ll
total 0 crw-------. 1 root root 10, 62 Oct 13 09:14 control lrwxrwxrwx. 1 root root 7 Oct 13 10:00 luks-fedora -> ../dm-3 lrwxrwxrwx. 1 root root 7 Oct 13 09:14 vg_klauslenovo-lv_home -> ../dm-2 lrwxrwxrwx. 1 root root 7 Oct 13 09:14 vg_klauslenovo-lv_root -> ../dm-0 lrwxrwxrwx. 1 root root 7 Oct 13 09:14 vg_klauslenovo-lv_swap -> ../dm-1 lrwxrwxrwx. 1 root root 7 Oct 13 10:04 VolGroup00-LogVol00 -> ../dm-4 lrwxrwxrwx. 1 root root 7 Oct 13 10:04 VolGroup00-LogVol01 -> ../dm-6 lrwxrwxrwx. 1 root root 7 Oct 13 10:04 VolGroup00-LogVol02 -> ../dm-5