LUKS encrypted a partition without a passphrase before completing Architect setup

My previous Manjaro system broke down when the computer accidentally turned off during an update. Apparently, kernel files were damaged and now I can' t boot into my previous system. I tried a couple of things to fix it but there was no success, so I decided to do a fresh install. After all, my files were stored in a separate partition (mounted as /home in my previous installation) so didn' t have to worry about losing anything important and the reinstall should be easy. I wanted to do it from live USB using Manjaro Architect. In the beginning, I thought I would just explore the options in the Architect so I navigated through the installation preparation menus and researched what each option means. While doing this, I also explored the LUKS Encryption menu where I selected the automatic option and my data partition which would make sense to encrypt. I got to the point where Architect prompts for passphrase for the encryption but I did not enter a passphrase and selected cancel to go back as I was not yet ready to proceed with the actual installation. I closed the Architect as I wanted to do some other stuff in the live USB before proceeding and then I noticed that I can no longer access my data partition which now shows up as an encrypted drive and asks for a passphrase. Obviously, I don't know the passphrase since I did not choose one. Leaving the passphrase field empty also does not work. I was able to access files in this partition from the live USB before so I am sure that the problem was most likely caused when I navigated through Architect. Also, I had not used any encryption in this computer before.

Is there anything that can be done in such a situation to gain access to the partition? I know that there are no solutions to forgotten passphrases but this situation is quite different since LUKS seems to have performed encryption without me asking for it.
Even if my files are lost, perhaps this is something that can be addressed in future releases to prevent similar situations.

I am sure @Chrysostomus will read this and maybe have some better feedback for you. In the meantime, did you try using the number 1 as your password?

Maybe, but it is not useful, because the act of encrypting a partition essentially destroyes all data in it. It's like formatting the partition but more destructive. Luks is not something you can use to encrypt existing data.

If you want salvage any files, using photorec might possibly work. See https://wiki.archlinux.org/index.php/File_recovery
Especially the first paragraph is important.

But, if you just want to use that part of the disk... Just delete that luks container and replace that unallocated space with a new partition. This is easier than trying to open a luks volume without the right password. Note, if you want to do any file recovery, you should do it before this.

2 Likes

This might be helpful with the data recovery. But, if you are not comfortable with data recovery and you have valuable data there, just don't touch that partition and get a professional to do the data recovery.

Essentially, if you haven't touched the encrypted container, then luksformat might have overwritten just the first 2 Mb of the partition, and if you can recover the filesystem, you can still get your data back.

2 Likes

Thanks for the responses and clarifications on what actually happens when a partition is encrypted.

I tried number "1" and some other dummy passwords, none of them worked.

However, after reading the documentation of Photorec I was able to start recovering my files successfully. It's actually not so difficult, and there is no risk of damaging the partition further because Photorec is only reading from the partition and not modifying anything in it. Thanks for the suggestion, @Chrysostomus!

This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.

Forum kindly sponsored by