don't remember if I mentioned this earlier but my drive is encrypted when I did the install....
I don't think you did , I looked through the thread, (but quickly) and don't see
anything, any way,...
I have no experience with LUKS, but this is one of the main reasons I have never tried using it :
it asks for the LUKS password, which I provide, but comes back saying it can't unlock it....I know the password is correct because it is the one I've been using for all my linux laptops.
Have you tried on another laptop, does that password still work ?
Here is the bad new :
A very long time ago , we had a member that said they were drunk when they setup their encryption, and could not remember the password they set, in your case, you are sure you remember , or have the password correct, but it does not work,
So any way, I did do quite a bit of searching , but could not find anything on resetting or recovering a lost , forgotten, or mal functioning password, when using LUKS encryption,... it seems if the password does not work, you are out of luck,
My LUKS password does not work, what can I do
========================
https://unix.stackexchange.com/question ... oesnt-work
In the above link, there is maybe some possible solution, but not much.
There was one time , on one of my laptops, I could not log in as root, I was sure it was the same password I use on all my laptops, and PC, (that in itself is not a very secure thing to do, and it kind of makes using some encryption program point less, but it is another topic), Any way, I stumbled on to the problem, by accident, it turned out that when I set the password, I used a upper case letter, where I usually use all lower case,...I had forgotten on that particular laptop, the password had a upper case letter,.. it actually was not a accident, but the laptop has Minix3 on it, and I had forgotten , the minix installer will not permit all lowercase letters, the password must contain at least 1 uppercase, or a number, symbol, etc. ...
This (below) is the one that is discouraging,
There are some other results where they claim to have been able to "brute force", but it would be beyond the scope of this forum to go into details, and to be honest, not knowing anything about "LUKs", my self, most of what I read there does not make sense to me. But here is a small quote:
Good News Everyone!
Fortunately, we managed to recover the password for the server and disaster has been averted.
Going forward, a truly random password will be generated for LUKS encryption to avoid someone bruteforcing the password as we have done. To achieve a high bus factor and to ensure “business continuity”, this password will be printed out and placed in a sealed envelope for safe-keeping by trusted persons. To reduce the chances of someone having to reach for the envelope, we can deploy the mechanism I developed for my home server earlier this year that automatically unlocks the LUKS volume.
Better then trying some random "kiddie script" go to the source, and contact some people that really know about LUKS :
https://gitlab.com/cryptsetup/cryptsetup/
Help!
Please always read FAQ first.
For cryptsetup and LUKS related questions, please use the dm-crypt mailing list,
dm-crypt@saout.de.
If you want to subscribe just send an empty mail to
dm-crypt-subscribe@saout.de.
You can also browse list archive or read it through
web interface.
Read the FAQ FIRST:
https://gitlab.com/cryptsetup/cryptsetu ... dQuestions
LUKS PASSPHRASE IS NOT THE MASTER KEY: The LUKS passphrase is not
used in deriving the master key. It is used in decrypting a master
key that is randomly selected on header creation. This means that if
you create a new LUKS header on top of an old one with exactly the
same parameters and exactly the same passphrase as the old one, it
will still have a different master key and your data will be
permanently lost.
Try to relax, take your time, read the FAQ carefully, and completely:
1.4 My LUKS-device is broken! Help!
First: Do not panic! In many cases the data is still recoverable.
Do not do anything hasty! Steps:
Take some deep breaths. Maybe add some relaxing music. This may
sound funny, but I am completely serious. Often, critical damage is
done only after the initial problem.
Do not reboot. The keys may still be in the kernel if the device is
mapped.
Make sure others do not reboot the system.
Do not write to your disk without a clear understanding why this
will not make matters worse. Do a sector-level backup before any
writes. Often you do not need to write at all to get enough access
to make a backup of the data.
Relax some more.
Read section 6 of this FAQ.
Ask on the mailing-list if you need more help.
And if you really prefer e-mail, they do have a mailing list you can use , as well as some e-mail contact methods.