0

I have 16 servers that have been out of operation for over a year and removed from there rack, all of the servers used full disk encryption (cryptsetup). I have a list of keys, all of which are a minimum of 48 bits using every character on the UK keyboard.

The problem I have is that I don't know which key is for which server and due to the key length and the 3 tries and then reboot policy it is taking a VERY long time to figure out which key unlocks which server as all the labels which named the server have since been removed.

Is it possible to dump the hash off each server and then perform an offline attack against the hash using the list of keys I have. This would save me a lot of time and effort and seems like a much easier way of performing the operation.

Artjom B.
  • 61,146
  • 24
  • 125
  • 222
jbarlow
  • 1,393
  • 1
  • 8
  • 5

1 Answers1

0

If you can remove the disks and add them to another system, you can LUKS mount the disks without rebooting, and thereby get as many tries as you want.

Ole Tange
  • 31,768
  • 5
  • 86
  • 104
  • Thanks for this. I have since manually done it which took a couple of days because one of the servers keyboard maps was set to US instead of UK which took a while to figure out to say the least! I am sure this will help someone in the future though and I am sure it would be scriptable. Although I doubt many people will use 48 bit keys though ;) – jbarlow May 06 '14 at 12:14
  • For inspiration on how to script it see: http://stackoverflow.com/questions/19713918/how-to-load-luks-passphrase-from-usb-falling-back-to-keyboard/23451824#23451824 – Ole Tange May 06 '14 at 22:42