11

I am facing a problem where I cannot mount a filesystem following decryption. All online searches for advice I have seen basically lead me to do what I have already - Anyone got any ideas?

My initial steps to decrypt are as follows - I ran with debug and verbose and all output was fine, no errors or warnings

cryptsetup luksOpen /dev/sdb1 mydata
+entered passphrase

I then attempt to mount it Upon running command the error below occurs

[root@PRC01P ~]# mount /dev/sdb1 /mydata
mount: unknown filesystem type 'crypto_LUKS'

other info commands - if decryption was succesful should this still show as type crypto_LUKS??

[root@PRC01P ~]# lsblk -lf | grep LUKS
sdb1      crypto_LUKS

Here is lsblk on its own:

-bash-4.2$ lsblk
NAME          MAJ:MIN RM  SIZE RO TYPE  MOUNTPOINT
fd0             2:0    1    4K  0 disk
sda             8:0    0   30G  0 disk
├─sda1          8:1    0  500M  0 part  /boot
└─sda2          8:2    0 29.5G  0 part
  ├─rhel-root 253:0    0 26.5G  0 lvm   /
  └─rhel-swap 253:1    0    3G  0 lvm   [SWAP]
sdb             8:16   0   60G  0 disk
└─sdb1          8:17   0   60G  0 part
  └─mydata 253:2    0   60G  0 crypt
sdc             8:32   0    6G  0 disk
sr0            11:0    1 1024M  0 rom

Here is the result of a df:

-bash-4.2$ df
Filesystem            1K-blocks    Used Available Use% Mounted on
/dev/mapper/rhel-root  27781884 5977316  21804568  22% /
devtmpfs                1930032       0   1930032   0% /dev
tmpfs                   1940852       0   1940852   0% /dev/shm
tmpfs                   1940852   66176   1874676   4% /run
tmpfs                   1940852       0   1940852   0% /sys/fs/cgroup
/dev/sda1                508588  191448    317140  38% /boot
tmpfs                    388172       0    388172   0% /run/user/995
tmpfs                    388172       0    388172   0% /run/user/1002
tmpfs                    388172       0    388172   0% /run/user/1001

Thanks for any advice

Improve this question

2 Answers 2

Reset to default
10

The correct order is

  1. cryptsetup luksOpen /dev/sdb1 mydata

    which will open the LUKS formatted device.  (You have to enter a password for the device.)

  2. mount /dev/mapper/mydata /mydata

    which will map device to /mydata.

It might be a good idea to use different names, e.g.,

sudo cryptsetup luksOpen /dev/sda3 secure
sudo mount /dev/mapper/secure /home_secure

lsblk will list

(...)
sda          8:0    0 465,8G  0 disk
├─sda1       8:1    0   1,9G  0 part  /boot
├─sda2       8:2    0     1K  0 part
├─sda3       8:3    0 368,5G  0 part
│ └─secure 253:0    0 368,5G  0 crypt /home_secure
└─sda5       8:5    0  95,4G  0 part  /

To revert, using my sample names:

  1. umount /home_secure

    be sure that no files are used in /home_secure;

  2. then close the LUKS volume:

    cryptsetup close secure
Improve this answer
2
  • 1
    That worked very well ... and now ... how do I unmount? :D Commented Apr 6, 2023 at 12:41
  • 1
    @Stücke answer edited Commented Apr 6, 2023 at 15:33
5

You're trying to mount the wrong device.

cryptsetup luksOpen /dev/sdb1 mydata

With this, /dev/sdb1 is your encrypted LUKS device, and /dev/mapper/mydata is the decrypted contents.

mount /dev/sdb1 /mydata

This fails because you can't mount a LUKS device. LUKS is not a filesystem.

You have to mount the decrypted one:

mount /dev/mapper/mydata /mydata

...and this will only work if there's already a filesystem inside /dev/mapper/mydata (created with mkfs after luksFormat and luksOpen).

Improve this answer

You must log in to answer this question.

Start asking to get answers

Find the answer to your question by asking.

Ask question

Explore related questions

See similar questions with these tags.