LUKS disk encryption plugin

  • I've located the problem and fixed it. v2.1.0 should be in the testing repository soon - this version contains a few cosmetic tweaks, and also an update for LVM-on-LUKS (bug 0001427 on Mantis).
    If you don't have the testing repo enabled for OMV Extras, it should get moved into the normal/stable repo after a bit of testing in the wild.

  • Hello, total newbie here.
    When I go to Encryption -> Create. Click 'Select a device' it says Loading... but nothing comes up (then 504 Gateway Time-out error, then communication failure).


    I have installed it with wget.
    Then uninstall 2.1.0 with dpkg -r, to downgrade for 2.0.2 version.


    I have couple devices connected with no file system on it, no RAID, devices connected each at the time.


    Possibly I'm doing something wrong but who knows.

  • When I go to Encryption -> Create. Click 'Select a device' it says Loading... but nothing comes up (then 504 Gateway Time-out error, then communication failure).


    Start with disk that has an empty partition already defined.

    --
    Google is your friend and Bob's your uncle!


    OMV AMD64 5.x on ASRock Rack C2550D4I C0 Stepping - 16GB ECC - Silverstone DS380 + Silverstone DS380 DAS Box.

  • You need a raw block device, un formatted partition. Encryption is below the fs level.


    Yes, if you have a partition with a filesystem, it will be excluded from the list of available devices. Use the (quick) wipe feature in Physical Disks to clear any partition info from the disk.


    As for the timeout error, do you see the same if you use the Filesystems tab to create a new filesystem? It is basically the same, lists available (unused) disks.

  • I did quick wipe. Still the same result; Secure wipe - doesn't help.


    As for the timeout error, do you see the same if you use the Filesystems tab to create a new filesystem? It is basically the same, lists available (unused) disks.


    File Systems - Create - shows both drives (FIY one is 3TB HDD second is 16GB USB stick).

  • openmediavault 1.19
    openmediavault-luksencryption 2.0.2
    ... shame, shame - I don't know how but I didn't have cryptsetup 2:1.4.3-4 and cryptsetup-bin 2:1.4.3-4 installed? (I don't know how, but cryptsetup didn't show in the list: dpkg -l, I was installing it). I uninstalled openmediavault-luksencryption plugin, install cryptsetup, install again luksencryption 2.0.2 back.


    But no change - still I can Create File System but cannot Create Encryption.

  • Do you mean OpenMediaVault 2.1.19? This is the minimum OMV version for the plugin, it isn't supported on older versions, so if you are running 1.19, this is likely the problem.
    Otherwise...
    If you install from the WebGUI or with apt-get, then dependencies are pulled in automatically, not so with dpkg. You can use apt-get -f install to solve any dependency problems.
    After installing cryptsetup have you restarted omv-engined (or rebooted)?

  • No reboot, I did it now. No help.


    I followed this OMV instalation stepps: http://www.htpcguides.com/inst…ana-pi-pro-with-bananian/ - except some funny commands (lights...). The reason is because I'm running Banana Pi (I'll get slow speeds once hdd encrypted like 5MB/s, but I want to try).
    Sorry for wasting your time. I guess I'm done here or I need to find better OMV package for Banana Pi.


    I started playing with linux a month ago. Usually I follow HowTo-s but slowly learning.
    Thanks for help

  • I recently installed OMV 2.1.15 including the Backport Kernel, lvm2 (2.1) and luksencryption (2.1.1).
    I created a RAID5 system with lvm, one volume group and several volumes.
    One volume I encrypted as User1, the others are plainly formated with ext4.
    All volumes are readable / writeable, except the luks formated.
    I assigned a key, which unlocks the partition when I just test the key.
    I can also change the key.
    But when I try to decrypt the partition I always get the error:


    Unable to unlock encrypted device: Device mapper/VG-User1-crypt not found


    Error #4001:
    exception 'OMVException' with message 'Unable to unlock encrypted device: Device mapper/VG-User1-crypt not found' in /usr/share/openmediavault/engined/rpc/luks.inc:288
    Stack trace:
    #0 [internal function]: OMVRpcServiceLuksMgmt->openContainer(Array, Array)
    #1 /usr/share/php/openmediavault/rpcservice.inc(125): call_user_func_array(Array, Array)
    #2 /usr/share/php/openmediavault/rpc.inc(79): OMVRpcServiceAbstract->callMethod('openContainer', Array, Array)
    #3 /usr/sbin/omv-engined(500): OMVRpc::exec('LuksMgmt', 'openContainer', Array, Array, 1)
    #4 {main}


    Any idea ? Did I miss something when I set the volumes up ?

  • oops, yes indeed a typo. :)
    2.1.25
    Thanks for checking.


    Since it's my first contact with OMV, I recorded all installation steps in detail to be able to install it again.
    In case, I could provide them.

  • Hi, I've managed to reproduce your error (it was a problem with the name of the decrypted device that occurs when using LUKS-on-LVM) and have fixed it in the latest version of the plugin (2.1.2), hopefully available online soon.


    Thanks!

Participate now!

Don’t have an account yet? Register yourself now and be a part of our community!