
ext4, LVM, and LUKS1/LUKS2


Last updated 1 year ago


Disk images are 1GB unless otherwise noted.

In the root of each volume, there is a text file named 'notes.txt' that contains only the text 'https://iblue.team'.

1GB ext4

Single ext4 volume created and formatted on a Linux Mint host at ~22:36 ACST on 22 August 2023.

Download VMDK (zipped)

Download RAW (zipped)

SHA1
f676e6bc2af1c89bb0c531bc166437648bab3de8  1G-ext4.001
6072491a7927740b9540d6673ef024b298a0a793  1G-ext4.zip
e74aed8628a4931fb8497eac3016fcd6cc9c1ac5  LINUX-MINT-1.vmdk
59fee87ebdf3fd493f3230abc64a3f6cc27cd180  LINUX-MINT-1.zip
$ fdisk -l
Disk /dev/sdb: 1 GiB, 1073741824 bytes, 2097152 sectors
Disk model: VMware Virtual

$ md5sum /dev/sdb
cd573cfaace07e7949bc0c46028904ff  /dev/sdb

$ mkfs.ext4 /dev/sdb
mke2fs 1.46.5 (30-Dec-2021)
Creating filesystem with 262144 4k blocks and 65536 inodes
Filesystem UUID: 3f13c5a2-1e5b-4771-b5c3-430e4d0a1053
Superblock backups stored on blocks:
        32768, 98304, 163840, 229376

Allocating group tables: done
Writing inode tables: done
Creating journal (8192 blocks): done
Writing superblocks and filesystem accounting information: done

root@mint:~# date
Tue 22 Aug 2023 22:36:58 ACST

$ mount /dev/sdb /mnt/ext4
$ nano /mnt/ext4/notes.txt    # file content: https://iblue.team

$ md5sum /dev/sdb
40575d67d4651c200d9f3234701bf05e  /dev/sdb

1GB ext4 with LVM

SHA1
12601117707183a3806e7ef37cb43d4a91b1a9ef  1G-ext4-lvm.001
ce017999032df22c8d7fb2601e3f2efdfb2cf9d3  1G-ext4-lvm.zip
058a3529f69c3b5b6ac3ff81add190ae41432b55  LINUX-MINT-0.vmdk
d3a1f5035cf74374e7bc8eae1a5561607b900ab7  LINUX-MINT-0.zip
$ md5sum /dev/sdb
cd573cfaace07e7949bc0c46028904ff  /dev/sdb

$ lvm version
  LVM version:     2.03.11(2) (2021-01-08)
  Library version: 1.02.175 (2021-01-08)
  Driver version:  4.45.0
  
root@mint:~# lvmdiskscan
  /dev/sda2 [     513.00 MiB]
  /dev/sda3 [     <79.50 GiB]
  /dev/sdb  [       1.00 GiB]
  1 disk
  2 partitions
  0 LVM physical volume whole disks
  0 LVM physical volumes
  
$ pvcreate /dev/sdb
  Physical volume "/dev/sdb" successfully created
  
$ vgcreate vg01 /dev/sdb
  Volume group "vg01" successfully created
  
root@mint:~# vgdisplay
  --- Volume group ---
  VG Name               vg01
  System ID
  Format                lvm2
  Metadata Areas        1
  Metadata Sequence No  1
  VG Access             read/write
  VG Status             resizable
  MAX LV                0
  Cur LV                0
  Open LV               0
  Max PV                0
  Cur PV                1
  Act PV                1
  VG Size               1020.00 MiB
  PE Size               4.00 MiB
  Total PE              255
  Alloc PE / Size       0 / 0
  Free  PE / Size       255 / 1020.00 MiB
  VG UUID               SuDIRA-DfeR-N3Gh-r41v-fZJL-2duf-XEuwWf
  
$ lvcreate -L 1020M -n lv01 vg01
  Logical volume "lv01" created.
  
root@mint:~# lvdisplay
  --- Logical volume ---
  LV Path                /dev/vg01/lv01
  LV Name                lv01
  VG Name                vg01
  LV UUID                YH1P8v-cDBJ-1emn-0ApX-Qq7j-S6Pr-3IsWkV
  LV Write Access        read/write
  LV Creation host, time mint, 2023-08-22 22:04:23 +0930
  LV Status              available
  # open                 0
  LV Size                1020.00 MiB
  Current LE             255
  Segments               1
  Allocation             inherit
  Read ahead sectors     auto
  - currently set to     256
  Block device           253:0
  
$ mkfs.ext4 /dev/vg01/lv01

mke2fs 1.46.5 (30-Dec-2021)
Creating filesystem with 261120 4k blocks and 65280 inodes
Filesystem UUID: 6423a1eb-f631-45e1-9f9a-94a49b6c90c6
Superblock backups stored on blocks:
        32768, 98304, 163840, 229376

Allocating group tables: done
Writing inode tables: done
Creating journal (4096 blocks): done
Writing superblocks and filesystem accounting information: done

$ stat /mnt/ext4/note.txt
  File: /mnt/ext4/note.txt
  Size: 19              Blocks: 8          IO Block: 4096   regular file
Device: fd00h/64768d    Inode: 13          Links: 1
Access: (0644/-rw-r--r--)  Uid: (    0/    root)   Gid: (    0/    root)
Access: 2023-08-22 22:05:46.435740476 +0930
Modify: 2023-08-22 22:05:46.435740476 +0930
Change: 2023-08-22 22:05:46.435740476 +0930
 Birth: 2023-08-22 22:05:46.435740476 +0930

1GB ext4 with LVM and LUKS1

SHA1
ce8b173bf5a5e225fc883842eb035319241138bf  1GB-ext4-lvm-luks1.001
03b21c977e9f66e52cceaf1b7a08aa4cee92fdce  1GB-ext4-lvm-luks1.zip
757fe568f93c04b667bd16803098a7756ab9d1b6  LINUX-MINT-0.vmdk
41f8dd22c03b95d968b5884680a76ce88c55afc7  LINUX-MINT-0.zip

Key slot 0 was set with the password 'password'. Key slot 1 was set with the password 'superpassword'.

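This image reuses the existing disk: the logical volume /dev/mapper/vg01-lv01, which already holds an ext4 filesystem, is formatted as LUKS1.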

$ cryptsetup luksFormat --type luks1 /dev/mapper/vg01-lv01
WARNING: Device /dev/mapper/vg01-lv01 already contains a 'ext4' superblock signature.

WARNING!
========
This will overwrite data on /dev/mapper/vg01-lv01 irrevocably.

Are you sure? (Type 'yes' in capital letters): YES
Enter passphrase for /dev/mapper/vg01-lv01: password
Verify passphrase: password

$ cryptsetup luksOpen /dev/mapper/vg01-lv01 luks1
Enter passphrase for /dev/mapper/vg01-lv01: password 

$ cryptsetup -v status luks1
/dev/mapper/luks1 is active.
  type:    LUKS1
  cipher:  aes-xts-plain64
  keysize: 512 bits
  key location: dm-crypt
  device:  /dev/mapper/vg01-lv01
  sector size:  512
  offset:  4096 sectors
  size:    2084864 sectors
  mode:    read/write
Command successful

$ sudo cryptsetup luksDump /dev/mapper/vg01-lv01
LUKS header information for /dev/mapper/vg01-lv01

Version:        1
Cipher name:    aes
Cipher mode:    xts-plain64
Hash spec:      sha256
Payload offset: 4096
MK bits:        512
MK digest:      01 eb 16 1a 86 1c db 04 5a 86 0a 6c c3 8e d9 44 1a 72 04 c4
MK salt:        a6 3c c4 96 52 33 c6 6f 5e 0f a6 38 34 2e 7a 3c
                a5 4b 62 4f 6d 5a f1 07 5a c8 ff 52 ad 4b b8 78
MK iterations:  110890
UUID:           0689d6a7-33a1-47fd-a971-c6ac38b24d47

Key Slot 0: ENABLED
        Iterations:             1956298
        Salt:                   bc 58 47 d6 4c fb bb 77 c7 e7 91 f7 22 ef 81 0c
                                3f b5 5d ad b1 3e 08 32 51 47 94 c2 c0 4a 20 ed
        Key material offset:    8
        AF stripes:             4000
Key Slot 1: DISABLED
Key Slot 2: DISABLED
Key Slot 3: DISABLED
Key Slot 4: DISABLED
Key Slot 5: DISABLED
Key Slot 6: DISABLED
Key Slot 7: DISABLED

Key slot 0 is ENABLED (the passphrase is 'password').

Let's enable the second key slot (key slot 1):

$ cryptsetup luksAddKey /dev/mapper/vg01-lv01
Enter any existing passphrase: password
Enter new passphrase for key slot: superpassword
Verify passphrase: superpassword

$ cryptsetup luksDump /dev/mapper/vg01-lv01
LUKS header information for /dev/mapper/vg01-lv01

Version:        1
Cipher name:    aes
Cipher mode:    xts-plain64
Hash spec:      sha256
Payload offset: 4096
MK bits:        512
MK digest:      01 eb 16 1a 86 1c db 04 5a 86 0a 6c c3 8e d9 44 1a 72 04 c4
MK salt:        a6 3c c4 96 52 33 c6 6f 5e 0f a6 38 34 2e 7a 3c
                a5 4b 62 4f 6d 5a f1 07 5a c8 ff 52 ad 4b b8 78
MK iterations:  110890
UUID:           0689d6a7-33a1-47fd-a971-c6ac38b24d47

Key Slot 0: ENABLED
        Iterations:             1956298
        Salt:                   bc 58 47 d6 4c fb bb 77 c7 e7 91 f7 22 ef 81 0c
                                3f b5 5d ad b1 3e 08 32 51 47 94 c2 c0 4a 20 ed
        Key material offset:    8
        AF stripes:             4000
Key Slot 1: ENABLED
        Iterations:             1836384
        Salt:                   60 95 5c d5 36 77 bb f7 78 a9 11 98 d7 66 79 38
                                c6 5e 14 98 da aa 2a 3d 62 bf e4 31 2a 73 8d 57
        Key material offset:    512
        AF stripes:             4000
Key Slot 2: DISABLED
Key Slot 3: DISABLED
Key Slot 4: DISABLED
Key Slot 5: DISABLED
Key Slot 6: DISABLED
Key Slot 7: DISABLED

1GB ext4 with LVM and LUKS2

SHA1
ce8b173bf5a5e225fc883842eb035319241138bf  1GB-ext4-lvm-luks2.001
f580250eff1ca6afd27a076c0935557cdb48438a  1GB-ext4-lvm-luks2.zip
757fe568f93c04b667bd16803098a7756ab9d1b6  LINUX-MINT-0.vmdk
41f8dd22c03b95d968b5884680a76ce88c55afc7  LINUX-MINT-0.zip
$ cryptsetup convert --type luks2 /dev/mapper/vg01-lv01

WARNING!
========
This operation will convert /dev/mapper/vg01-lv01 to LUKS2 format.
Are you sure? (Type 'yes' in capital letters): YES

$ cryptsetup luksDump /dev/mapper/vg01-lv01
LUKS header information
Version:        2
Epoch:          2
Metadata area:  16384 [bytes]
Keyslots area:  2064384 [bytes]
UUID:           0689d6a7-33a1-47fd-a971-c6ac38b24d47
Label:          (no label)
Subsystem:      (no subsystem)
Flags:          (no flags)

Data segments:
  0: crypt
        offset: 2097152 [bytes]
        length: (whole device)
        cipher: aes-xts-plain64
        sector: 512 [bytes]

Keyslots:
  0: luks2
        Key:        512 bits
        Priority:   normal
        Cipher:     aes-xts-plain64
        Cipher key: 512 bits
        PBKDF:      pbkdf2
        Hash:       sha256
        Iterations: 1956298
        Salt:       bc 58 47 d6 4c fb bb 77 c7 e7 91 f7 22 ef 81 0c
                    3f b5 5d ad b1 3e 08 32 51 47 94 c2 c0 4a 20 ed
        AF stripes: 4000
        AF hash:    sha256
        Area offset:32768 [bytes]
        Area length:258048 [bytes]
        Digest ID:  0
  1: luks2
        Key:        512 bits
        Priority:   normal
        Cipher:     aes-xts-plain64
        Cipher key: 512 bits
        PBKDF:      pbkdf2
        Hash:       sha256
        Iterations: 1836384
        Salt:       60 95 5c d5 36 77 bb f7 78 a9 11 98 d7 66 79 38
                    c6 5e 14 98 da aa 2a 3d 62 bf e4 31 2a 73 8d 57
        AF stripes: 4000
        AF hash:    sha256
        Area offset:290816 [bytes]
        Area length:258048 [bytes]
        Digest ID:  0
Tokens:
Digests:
  0: pbkdf2
        Hash:       sha256
        Iterations: 110890
        Salt:       a6 3c c4 96 52 33 c6 6f 5e 0f a6 38 34 2e 7a 3c
                    a5 4b 62 4f 6d 5a f1 07 5a c8 ff 52 ad 4b b8 78
        Digest:     01 eb 16 1a 86 1c db 04 5a 86 0a 6c c3 8e d9 44
                    1a 72 04 c4
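
Added example (not from the original page or its author): a Python parser for the on-disk LUKS header that reports the same fields as the `cryptsetup luksDump` outputs above, so LUKS version and key slot state can be read directly from raw image bytes. The sample header is constructed from the values shown above with salts and digest zeroed; `parse_luks_header` and `build_sample_luks1` are hypothetical names.

```python
import struct

LUKS_MAGIC = b"LUKS\xba\xbe"
SLOT_ENABLED, SLOT_DISABLED = 0x00AC71F3, 0x0000DEAD
# LUKS1 header, big-endian: magic, version, cipher name, cipher mode, hash spec,
# payload offset (sectors), key bytes, MK digest, MK salt, MK iterations, UUID.
PHDR = struct.Struct(">6sH32s32s32sII20s32sI40s")
SLOT = struct.Struct(">II32sII")  # state, iterations, salt, key material offset, stripes


def parse_luks_header(buf):
    """Return the fields `cryptsetup luksDump` reports, read from raw header bytes."""
    if len(buf) < 24 or buf[:6] != LUKS_MAGIC:
        raise ValueError("no LUKS magic at offset 0")
    version = struct.unpack_from(">H", buf, 6)[0]
    if version == 2:
        # LUKS2 keeps its key slots in a JSON area that follows this binary header
        hdr_size, seqid = struct.unpack_from(">QQ", buf, 8)
        return {"version": 2, "metadata_bytes": hdr_size, "epoch": seqid}
    if version != 1 or len(buf) < PHDR.size + 8 * SLOT.size:
        raise ValueError("unsupported version or truncated header")
    (_, _, name, mode, hash_spec, payload, key_bytes,
     _digest, _salt, mk_iter, uuid) = PHDR.unpack_from(buf)
    name, mode, hash_spec, uuid = (b.split(b"\0", 1)[0].decode("ascii", "replace")
                                   for b in (name, mode, hash_spec, uuid))
    slots = []
    for i in range(8):
        state, iters, _s, km_off, stripes = SLOT.unpack_from(buf, PHDR.size + i * SLOT.size)
        slots.append({"slot": i, "enabled": state == SLOT_ENABLED,
                      "iterations": iters, "key_material_offset": km_off,
                      "af_stripes": stripes})
    return {"version": 1, "cipher": f"{name}-{mode}", "hash": hash_spec,
            "payload_offset": payload, "mk_bits": key_bytes * 8,
            "mk_iterations": mk_iter, "uuid": uuid, "slots": slots}


def build_sample_luks1():
    """Constructed header using the values in the luksDump output above (salts zeroed)."""
    hdr = PHDR.pack(LUKS_MAGIC, 1, b"aes", b"xts-plain64", b"sha256", 4096, 64,
                    bytes(20), bytes(32), 110890,
                    b"0689d6a7-33a1-47fd-a971-c6ac38b24d47")
    slots = [(SLOT_ENABLED, 1956298, 8), (SLOT_ENABLED, 1836384, 512)]
    slots += [(SLOT_DISABLED, 0, 0)] * 6  # constructed values for the unused slots
    return hdr + b"".join(SLOT.pack(st, it, bytes(32), off, 4000) for st, it, off in slots)


if __name__ == "__main__":
    for s in parse_luks_header(build_sample_luks1())["slots"]:
        print(s)
```

When reading one of the RAW images, note that the LUKS header sits at the start of the logical volume, not at offset 0 of the disk.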

Download links (VMDK zip, then RAW zip, for each image in the order above):

https://files.iblue.team/279b6e00-851e/1GB-ext4/LINUX-MINT-1.zip
https://files.iblue.team/279b6e00-851e/1GB-ext4/1G-ext4.zip
https://files.iblue.team/279b6e00-851e/1GB-ext4-lvm/LINUX-MINT-0.zip
https://files.iblue.team/279b6e00-851e/1GB-ext4-lvm/1G-ext4-lvm.zip
https://files.iblue.team/279b6e00-851e/1GB-ext4-lvm-luks1/LINUX-MINT-0.zip
https://files.iblue.team/279b6e00-851e/1GB-ext4-lvm-luks1/1GB-ext4-lvm-luks1.zip
https://files.iblue.team/279b6e00-851e/1GB-ext4-lvm-luks2/LINUX-MINT-0.zip
https://files.iblue.team/279b6e00-851e/1GB-ext4-lvm-luks2/1GB-ext4-lvm-luks2.zip