[Bug] OMV and LUKS for RAID (RAID1) not working after having setup up a password, the LUKS-RADI is not shown in the LUKS panel and no way to decrypt.
Wikinaut opened this issue · 24 comments
I don't see how OMV-LUKS is working for RAID, specifically in my case, for a RAID1.
Please can you elaborate
- how to set up -- I have setup OMV-LUKS for my RAID, but I don't see this listed in the LUKS overview, and there is no view to decrypt/delete the LUKS setup.
- how to use
Please post in the forum for questions and to get wider visibility.
@ryecoaaron uh, this is a bug. I have amended the title. After setting up LUKS, it is not shown again in the corresponding plugin panel, and also no way to monitor or remove (decrypt) the LUKS-RAID. Something is broken or generally spoken, not working.
Ok. I mention the forum because you were asking how to use which tells me you were probably doing something wrong for a device not to show up in the plugin.
So, I will need more info. Setting up LUKS how? Command line or plugin? What kind of Raid? hardware, mdadm? What version of OMV? What kind of system?
-
OMV 0.6.14
-
RAID1 with 2x10TB HDD - created with OMV
-
OMV luksencryption 3.0.5 - set up for the RAID1
=> nothing is shown any more, after I have set up the LUKS for the /dev/md0 .
Much better information. Don't what you did, but that is wrong, the fs is sitting on the top of the raid block device directly. Once a block device (single or raid) has been encrypted it uses device mapper to show the un-locked device. So in case your md0 was encrypted in the column where it says
/dev/md0 should say /dev/mapper/md0-crypt or similar.
Unmount the device, remove the fs(delete all data), clean any fs signatures then proceed to format with luks, once the device mapper appears format to ext4.
This was a question for the forum
@subzero79 no matter what I do, I don't see any block device to apply LUKS, or to build a RAID from.
Tutorial with screenshots
Perhaps can you set up a tutorial with screenshots to explain the correct sequence to setup a RAID1 with LUKS using OMV and OMV-luksencryption plugin to fully exclude any possible mistakes of users?
Wipe the Filesystem in md0, use delete filesystem. once that make sure blkid command in terminal doesn’t return any entries for md0. Then try again to create a Luks container with md0.
-
blkid shows only the system OMV) disks.
And now? -
I added a RAID1
-
Filesystems shows immediately
-
LUKS
cannot add anything (dropbox is empty)
What is the correct next step?
I suggest you try it on your system and document here with your screenshots. I still suppose that something is wrong with the OMV-LUKS plugin. (In previous years I have set up several systems - without OMV - with RAID and LUKS manually).
In other words: as soon as I use the OMV RAID module to set up my RAID1, I cannot see any available device in the OMV-LUKS module to set up a LUKS.
The raid still has filesystem signature as you can see in the fs section shows ext4. just to be clear you do realise you have to wipe the fs (delete data) right?
Destroy the raid in the corresponding panel, go to each disk and wipe them quick, then full for one minute each. Then after that create a new array, once is finish syncthing make sure no ext4 signature shows there, then go to luks to create an encrypted container from md0
@subzero79 so I have to wait 807 minutes and then it will work??? Uh. then OMV needs a check so that OMV-LUKS is prevented unless sync'ing has finished.
You don't "have" to but using the array will slow down the sync. Nothing OMV can do about that. That is why OMV doesn't have a check to prevent it.
There are ways of speeding a raid sync.
When doing so as described:
When I add a filesystem via FS GUI, I only can select the md0 - no mapper! - and then it looks so:
and the crypt is gone:
Either your description is wrong at a certain step, or OMV or OMV-LUKS-Plugin is broken.
The block device md0 needs to be decrypted for it to appear as device mapper.
How, when it is not listed (see above)?
See your first screenshot, md0 formatted as LUKS, locked.
No, it is then this view (empty!):
Only, when I create the RAID > LUKS manually (on the commandline), I do see this:
So: something wrong with the OMV modules.
You post this before, why didn't you unlock the disk then?
https://user-images.githubusercontent.com/1151915/55141192-23145980-513a-11e9-9021-04bf6da1d829.png
@subzero79 perhaps because I asked for a detailed step-by-step (with screenshots) explanation, but you failed to explain that above in your post #24 (comment) ? Or did I overlook that statement?
Sorry but i don't have time to give you a personal tutorial with screenshots, maybe someone on the forum can do that for you. For me the interface is pretty intuitive, the column (at least in English) says unlock and is greyed (unfilled) which one (and several users of the plugin) would assume it isn't unlock, goes filled blue when is unlocked, so is just a matter of selecting the device and press unlock.
This is the old post from the user who created this plugin giving some details about it
Not many people look here, so you will get better support of plugin usage at the forum
When you have time and if you can (have the disk reformatted or so) can you submit the actual paraphrase you used so I can test it in omv5