Bob1215 Posted July 22, 2018 Share Posted July 22, 2018 [unRAID 6.5.3] I am moving my server from a LUKS encrypted Debian OS (LVM) to unRAID. I removed the SSD from my Debian system and plugged it into a SATA port in my unRAID system. It's probably more advisable to simply keep your old system running and share it over the network with your unRAID server. Some people will not have this luxury because they need to disassemble their old server first, or the amount of data being transferred would greatly benefit from a SATA transfer instead of a network transfer. This guide should work for mounting any LUKS encrypted Linux/GNU OS (Debian, Arch, Ubuntu, Mint, Gentoo, RHEL, CentOS, and probably others) as a drive in unRAID. At any rate, I attempted to use the "Unassigned Devices" plugin to mount, but was unable to mount the encrypted partition. After a lot of trial and error and piecing together a two guides (links at the bottom), the following steps will allow you to mount the encrypted partition. Open a terminal on unRAID and type: blkid | grep crypto Output will look like this: /dev/sda2: UUID="VERY LONG NUMBER" TYPE="crypto_LUKS" We know know the path to the encrypted partition (/dev/sda2/ in this example). Type the following: cryptsetup luksOpen /dev/sda2/ crypthome You have to enter the passphrase to decrypt the partition. Feel free to change the mapping name crypthome to whatever you want. The mapped partition is now available in /dev/mapper/crypthome but it isn’t mounted. The last step is create a mount point and to mount the mapped partition: mkdir /mnt/crypthome && mount /dev/mapper/crypthome /mnt/crypthome then we do a lvdisplay so we can get the 'LV Name'/'VG Name': lvdisplay Now, let's check to see if the volume is 'ACTIVE' (it will probably show "inactive"): lvscan Then, type do the following 2 commands: modprobe dm-mod vgchange -ay Now, let's check to see if the volume is 'ACTIVE' (it should be now): lvscan Make a directory to mount into: mkdir /mnt/encrypted_drive/ Mount the drive using the 'LV Name'/'VG Name' that we found in step 6: mount /dev/VolGroup/LogVol /mnt/encrypted_drive Guide 1 Guide 2 Guide 1 archived Guide 2 archived Quote Link to comment
tr0910 Posted July 22, 2018 Share Posted July 22, 2018 The easy way would have been to temporarily add an encrypted drive to the array with the same luks pw as the one you wanted to attach via unassigned devices. Once this is done, unassigned devices will mount it. unRaid is limited to one luks pw for all the drives encrypted, and the array needs one luks drive first before unassigned devices can pick the pw up from it. Quote Link to comment
Bob1215 Posted July 22, 2018 Author Share Posted July 22, 2018 That's a great tip. Thanks, tr0910. There are so many ways to get data from the drive, but it's always good to know the correct way. Is it correct that the method you outlined above would need a spare blank hard drive to add as an encrypted drive to the array? Quote Link to comment
tr0910 Posted July 23, 2018 Share Posted July 23, 2018 Yeah it could be blank, or it could have data. It's just that the array needs a luks drive first then unassigned devices can pick up the luks key. Quote Link to comment
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.
Note: Your post will require moderator approval before it will be visible.