Destroying the LUKS header on dm-crypt Linux

Stack Overflow user
Asked 2020-02-18 21:02:41
2 answers · 1.5K views · 0 followers · score 1

I am trying to destroy the LUKS header on my logical volume data1, and after deleting the LUKS header I am still able to read the files in data1. I don't think that should be the case? Can someone help me understand this case?

lsblk output:

```text
NAME                                            MAJ:MIN RM   SIZE RO TYPE  MOUNTPOINT
sda                                               8:0    0 894.2G  0 disk
├─sda1                                            8:1    0   500M  0 part  /boot
└─sda2                                            8:2    0 893.8G  0 part
  ├─vg0-root                                    251:0    0 758.7G  0 lvm
  │ └─luks-45f803e5-3c17-4aaf-a9ad-d66c8b5458de 251:2    0 758.7G  0 crypt /
  ├─vg0-swap                                    251:1    0    75G  0 lvm   [SWAP]
  ├─vg0-data3                                   251:3    0    20G  0 lvm
  │ └─luks-6e168d35-26dc-429c-a3d6-8cb4f1c1d39e 251:7    0    20G  0 crypt /data3
  ├─vg0-data2                                   251:4    0    20G  0 lvm
  │ └─luks-75727dd1-a332-423d-8c37-4cedf9cbe83c 251:8    0    20G  0 crypt /data2
  └─vg0-data1                                   251:5    0    20G  0 lvm
    └─luks-cf2d9729-2d1b-48b8-8502-dea937ef602f 251:6    0    20G  0 crypt /data1
```

luksDump output, to check that the LUKS header is present:

```text
-130-sapam@test-host:~ $ sudo cryptsetup luksDump /dev/mapper/vg0-data1
LUKS header information for /dev/mapper/vg0-data1

Version:        1
Cipher name:    aes
Cipher mode:    xts-plain64
Hash spec:      sha256
Payload offset: 4096
MK bits:        256
MK digest:      9f e7 1a b3 0e fb 4e bc 6d 1b 9e 46 f8 bd 15 22 ea 04 6e c3
MK salt:        83 5e 90 5b b3 a1 c5 a5 d4 22 a0 3e 23 25 51 50
                fc cd a8 ac db 9f d0 a8 8b 81 6e 9a 92 1f d8 d3
MK iterations:  43750
UUID:           cf2d9729-2d1b-48b8-8502-dea937ef602f

Key Slot 0: ENABLED
    Iterations:             439102
    Salt:                   f1 6d 23 b0 b7 ee fc 09 8c 6b 92 ef b2 17 ef d9
                            0c 83 64 29 bf bc 98 3f f6 93 4b 45 06 49 a9 21
    Key material offset:    8
    AF stripes:             4000
Key Slot 1: DISABLED
Key Slot 2: DISABLED
Key Slot 3: DISABLED
Key Slot 4: DISABLED
Key Slot 5: DISABLED
Key Slot 6: DISABLED
Key Slot 7: DISABLED
```

Destroying the LUKS header:

```text
-130-sapam@test-host:~ $ sudo dd bs=512 count=4096 if=/dev/zero of=/dev/mapper/vg0-data1
4096+0 records in
4096+0 records out
2097152 bytes (2.1 MB) copied, 0.00444235 s, 472 MB/s
-0-sapam@test-host:~ $ sudo cryptsetup luksDump /dev/mapper/vg0-data1
-1-sapam@test-host:~ $
```

I am still able to read the files in /data1:

```text
-1-sapam@test-host:~ $ cat /data1/foo
james
-0-sapam@test-host:~ $
```

As I understand it, once the header is destroyed, /data1 should no longer be readable, right?


2 answers

Stack Overflow user

Accepted answer

Posted 2020-03-09 08:57:27

It looks like you are destroying a partition that is already mounted.

While the partition is mounted, the encryption/decryption key is kept in memory. You should first unmount your LUKS partition:

```bash
# umount /data1
```

and then wipe the LUKS header. You won't be able to mount it again.

Note that the cryptsetup utility has a command for erasing the LUKS header:

```bash
# cryptsetup luksErase /dev/mapper/vg0-data1
```

This has the advantage that you can restore the LUKS header from a backup, if you made one beforehand.

From cryptsetup(8):

```text
       erase <device>
       luksErase <device>

              Erase all keyslots and make the LUKS container permanently inac‐
              cessible.  You do not need to provide any password for this  op‐
              eration.

              WARNING: This operation is irreversible.
```
Score: 2
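The procedure the accepted answer describes, as an added shell example that is not code from the original post or from cryptsetup: it closes the dm-crypt mapping before touching the header (that is what makes the kernel drop the unlocked master key, which is why the reads in the question kept working), keeps a header backup, then runs luksErase and checks that no keyslot survived. Assumptions: Linux with cryptsetup and util-linux (lsblk, findmnt), run as root, and the device argument is the LUKS container itself, e.g. /dev/mapper/vg0-data1; the luksDump patterns it greps for are assumed from the LUKS1 and LUKS2 dump formats.

```bash
#!/bin/bash
# Added example, not part of the original answer: destroy a LUKS container in
# the order the answer implies. An open dm-crypt mapping keeps the master key
# in kernel memory, so the header must be erased only after the mapping is
# closed; otherwise reads keep working, as the question shows.
# Assumptions: Linux, cryptsetup, util-linux (lsblk, findmnt); run as root.
set -u

# Mount point of block device $1, empty if it is not mounted.
mountpoint_of() {
    findmnt -rn -o TARGET --source "$1" 2>/dev/null || true
}

# Names of the active dm-crypt mappings stacked on block device $1, one per
# line. lsblk lists each open container as a child of TYPE "crypt".
crypt_mappings_on() {
    lsblk --noheadings --list --output NAME,TYPE "$1" 2>/dev/null |
        awk '$2 == "crypt" { print $1 }'
}

# destroy_luks_volume DEVICE [HEADER_BACKUP_FILE]
# Return codes: 2 bad device, 3 could not unmount/close, 4 backup failed,
# 5 luksErase failed, 6 a keyslot is still enabled afterwards.
destroy_luks_volume() {
    local dev="$1" backup="${2:-}" name mp

    [ -b "$dev" ] || { echo "not a block device: $dev" >&2; return 2; }

    # 1. Unmount and close every mapping on top of $dev. "cryptsetup close"
    #    removes the dm-crypt target and with it the key held in RAM.
    for name in $(crypt_mappings_on "$dev"); do
        mp=$(mountpoint_of "/dev/mapper/$name")
        if [ -n "$mp" ]; then
            umount "$mp" || { echo "cannot unmount $mp" >&2; return 3; }
        fi
        cryptsetup close "$name" || return 3
    done

    # 2. Save the header while it is still intact; luksErase is otherwise
    #    irreversible, and luksHeaderRestore needs this file to undo it.
    if [ -n "$backup" ]; then
        cryptsetup luksHeaderBackup "$dev" --header-backup-file "$backup" || return 4
    fi

    # 3. Wipe every keyslot; no passphrase is required for this.
    cryptsetup --batch-mode luksErase "$dev" || return 5

    # 4. Check: luksDump still parses the container (its plaintext metadata is
    #    untouched) but must list no usable keyslot. The patterns are assumed
    #    from the LUKS1 ("Key Slot N: ENABLED") and LUKS2 ("  N: luks2") dumps.
    if cryptsetup luksDump "$dev" | grep -Eq '^Key Slot [0-9]+: ENABLED|^ +[0-9]+: luks2'; then
        echo "$dev: a keyslot is still enabled" >&2; return 6
    fi
    echo "$dev: mapping closed, keyslots erased, header backup: ${backup:-none}"
}

# Usage: destroy-luks.sh /dev/mapper/vg0-data1 /root/vg0-data1.luks-header
if [ "$#" -ge 1 ]; then
    destroy_luks_volume "$1" "${2:-}"
fi
```

Run it as `destroy-luks.sh /dev/mapper/vg0-data1 /root/vg0-data1.luks-header`; keep the backup file off the machine if the point is that the data must become unrecoverable, since anyone holding it plus the passphrase can luksHeaderRestore and open the volume again.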

Stack Overflow user

Posted 2022-10-25 20:48:01

While luksErase does a good job of wiping the keyslot area, note that it does not actually destroy the whole LUKS header. It leaves the metadata intact.

I filed a feature request asking that the luksErase command also be able to wipe the plaintext metadata in the header, but the developers rejected and closed it :(

LUKS header shredder

You can use the BASH script below to find every LUKS device on the system, wipe its header, and shut down the machine.

Disclaimer: The script below contains experimental software that may or may not cause damage or the complete, permanent deletion of some or all of your data. I cannot be held responsible for any data loss that occurs from following this guide. The content of this answer is provided publicly and is licensed under the CC-BY-SA license. The software contained in this guide is licensed under the GNU GPLv3 license. Everything here is subject to the limitations of liability outlined in the respective licenses. I strongly recommend that any experiments with the script contained in this answer be done on a disposable machine that holds no valuable data. If data loss is a concern for you, leave now and do not continue. You have been warned.

```bash
#!/bin/bash
#set -x

################################################################################
# File:    buskill-selfdestruct.sh
# Purpose: Self-destruct trigger script for BusKill Kill Cord
#          For more info, see: https://buskill.in/
# WARNING: THIS IS EXPERIMENTAL SOFTWARE THAT IS DESIGNED TO CAUSE PERMANENT,
#          COMPLETE AND IRREVERSIBLE DATA LOSS!
# Note   : This script will *not* execute unless it's passed the '--yes'
#          argument. Be sure to test this trigger before depending on it!
# Authors: Michael Altfield <michael@buskill.in>
# Created: 2020-03-11
# Updated: 2020-03-11
# Version: 0.1
################################################################################

############
# SETTINGS #
############

BUSKILL_LOCK='/usr/local/bin/buskill-lock.sh'
[ -f ${BUSKILL_LOCK} ] || echo "ERROR: Unable to find buskill-lock.sh"

CRYPTSETUP=`which cryptsetup` || echo "ERROR: Unable to find cryptsetup"
LS=`which ls` || echo "ERROR: Unable to find ls"
CAT=`which cat` || echo "ERROR: Unable to find cat"
GREP=`which grep` || echo "ERROR: Unable to find grep"
ECHO=`which echo` || echo "ERROR: Unable to find echo"
AWK=`which awk` || echo "ERROR: Unable to find awk"
HEAD=`which head` || echo "ERROR: Unable to find head"
LSBLK=`which lsblk` || echo "ERROR: Unable to find lsblk"
OD=`which od` || echo "ERROR: Unable to find od"

##############
# ROOT CHECK #
##############

# re-run as root
if [[ $EUID -ne 0 ]]; then
    exec sudo /bin/bash "$0" "$@"
fi

###########
# CONFIRM #
###########

# for safety, exit if this script is executed without a '--yes' argument
${ECHO} "${@}" | ${GREP} '\--yes' &> /dev/null
if [ $? -ne 0 ]; then
    ${ECHO} "WARNING WARNING WARNING WARNING WARNING WARNING WARNING WARNING WARNING WARNING"
    ${ECHO} "================================================================================"
    ${ECHO} "WARNING: THIS IS EXPERIMENTAL SOFTWARE THAT IS DESIGNED TO CAUSE PERMANENT,  COMPLETE AND IRREVERSIBLE DATA LOSS!"
    ${ECHO} "================================================================================"
    ${ECHO} "WARNING WARNING WARNING WARNING WARNING WARNING WARNING WARNING WARNING WARNING"
    ${ECHO}
    ${ECHO} "cowardly refusing to execute without the '--yes' argument for your protection. If really you want to proceed with damaging your system, retry with the '--yes' argument"
    exit 1
fi

###########################
# (DELAYED) HARD SHUTDOWN #
###########################

# The most secure encrypted computer is an encrypted computer that is *off*
# This is our highest priority; initiate a hard-shutdown to occur in about
# 60 seconds regardless of what happens later in this script

nohup sleep 60 && echo o > /proc/sysrq-trigger &
nohup sleep 61 && shutdown -h now &
nohup sleep 62 && poweroff --force --no-sync &

###############
# LOCK SCREEN #
###############

# first action: lock the screen!
${BUSKILL_LOCK} &

#####################
# WIPE LUKS VOLUMES #
#####################

# overwrite luks headers
${ECHO} "INFO: shredding LUKS header (plaintext metadata and keyslots with encrypted master decryption key)"
writes=''
IFS=$'\n'
for line in $( ${LSBLK} --list --output 'PATH,FSTYPE' | ${GREP} 'crypt' ); do

    device="`${ECHO} \"${line}\" | ${AWK} '{print \$1}'`"
    ${ECHO} -e "\t${device}"

    ###########################
    # OVERWRITE LUKS KEYSLOTS #
    ###########################

    # erases all keyslots, making the LUKS container "permanently inaccessible"
    ${CRYPTSETUP} luksErase --batch-mode "${device}" || ${HEAD} --bytes 20M /dev/urandom > ${device} &

    # store the pid of the above write tasks so we can try to wait for it to
    # flush to disk later -- before triggering a brutal hard-shutdown
    writes="${writes} $!"

    #####################################
    # OVERWRITE LUKS PLAINTEXT METADATA #
    #####################################

    # all LUKS header integers are big-endian; `od --endian` needs GNU coreutils 8.23+
    luksVersion=`${OD} --skip-bytes 6 --read-bytes 2 --format d2 --endian=big --address-radix "n" "${device}"`

    # get the end byte to overwrite. For more info, see:
    # https://security.stackexchange.com/questions/227359/how-to-determine-start-and-end-bytes-of-luks-header
    if [[ $luksVersion -eq 1 ]]; then
        # LUKS1: https://gitlab.com/cryptsetup/cryptsetup/-/wikis/LUKS-standard/on-disk-format.pdf

        # in LUKS1, the whole header ends at 512 * the `payload-offset`
        # this is actually more than we need (includes keyslots), but
        # it's the fastest/easiest to bound to fetch in LUKS1
        payloadOffset=`${OD} --skip-bytes 104 --read-bytes 4 --format d4 --endian=big --address-radix "n" "${device}"`
        luksEndByte=$(( 512 * ${payloadOffset} ))

    elif [[ $luksVersion -eq 2 ]]; then
        # LUKS2: https://gitlab.com/cryptsetup/LUKS2-docs/blob/master/luks2_doc_wip.pdf

        # in LUKS2, the end of the plaintext metadata area is twice the
        # size of the `hdr_size` field (primary + secondary header copy)
        hdr_size=`${OD} --skip-bytes 8 --read-bytes 8 --format d8 --endian=big --address-radix "n" "${device}"`
        luksEndByte=$(( 2 * ${hdr_size} ))

    else
        # version unclear; just overwrite 20 MiB
        luksEndByte=20971520

    fi

    # finally, shred that plaintext metadata; we do this in a new file descriptor
    # to prevent bash from truncating if ${device} is a file
    exec 5<> "${device}"
    ${HEAD} --bytes "${luksEndByte}" /dev/urandom >&5 &
    writes="${writes} $!"
    exec 5>&-
done

#######################
# WAIT ON DISK WRITES #
#######################

# wait until all the write tasks above have completed
# note: do *not* put quotes around this arg or the whitespace will break wait
wait ${writes}

# clear write buffer to ensure headers overwrites are actually synced to disks
sync; echo 3 > /proc/sys/vm/drop_caches

#################################
# WIPE DECRYPTION KEYS FROM RAM #
#################################

# suspend each currently-decrypted LUKS volume
${ECHO} "INFO: removing decryption keys from memory"
for device in $( ${LS} -1 "/dev/mapper" ); do

    # /dev/mapper/control is the device-mapper control node, not a mapping
    [ "${device}" = "control" ] && continue

    ${ECHO} -e "\t${device}";
    ${CRYPTSETUP} luksSuspend "${device}" &

    # clear page caches in memory (again)
    sync; echo 3 > /proc/sys/vm/drop_caches

done

#############################
# (IMMEDIATE) HARD SHUTDOWN #
#############################

# do whatever works; this is important.
echo o > /proc/sysrq-trigger &
sleep 1
shutdown -h now &
sleep 1
poweroff --force --no-sync &

# exit cleanly (lol)
exit 0
```

Sources

  1. LUKS header shredder (BusKill self-destruct trigger)
  2. https://github.com/BusKill/buskill-linux/blob/master/triggers/buskill-selfdestruct.sh
Score: 1
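A dependency-light version of the header-extent logic in the script above, as an added example that is not part of the answer or of the BusKill project: it reads the same fields (version, LUKS1 payload-offset at byte 104, LUKS2 hdr_size at byte 8) with plain `od -tx1` instead of `--endian`, overwrites exactly that extent in place with `conv=notrunc` (so a regular file is not truncated), and confirms the magic is gone afterwards. The field offsets are assumptions taken from the LUKS1 and LUKS2 on-disk format documents the script links to. The two header fixtures are constructed here and are not real containers; they let the whole thing run on temporary files without root.

```bash
#!/bin/bash
# Added example, not part of the answer or of BusKill: compute the LUKS
# header extent and shred it. Works on a block device or a plain file.
# Assumed layout (from the LUKS1/LUKS2 on-disk format specs):
#   LUKS1: magic[6] "LUKS\xba\xbe", version u16 BE, payload-offset u32 BE at
#          byte 104, in 512-byte sectors; keyslots lie before the payload.
#   LUKS2: magic[6], version u16 BE, hdr_size u64 BE at byte 8; a secondary
#          header copy follows the primary, so metadata ends at 2*hdr_size.
#          LUKS2 keyslots come after that and are left to luksErase.
set -u

# Big-endian unsigned integer of $3 bytes at byte offset $2 of file $1.
be_uint() {
    local val=0 b
    for b in $(od -An -tx1 -j "$2" -N "$3" "$1"); do
        val=$(( val * 256 + 0x$b ))
    done
    echo "$val"
}

# Print how many bytes from the start of $1 hold LUKS metadata (plus, for
# LUKS1, the keyslots). Return 1 if $1 does not start with the LUKS magic.
luks_header_extent() {
    local dev="$1" version extent
    [ "$(od -An -tx1 -N 6 "$dev" | tr -d ' \n')" = "4c554b53babe" ] || return 1
    version=$(be_uint "$dev" 6 2)
    case "$version" in
        1) extent=$(( 512 * $(be_uint "$dev" 104 4) )) ;;  # sectors -> bytes
        2) extent=$(( 2 * $(be_uint "$dev" 8 8) )) ;;      # both header copies
        *) extent=20971520 ;;                               # unknown: 20 MiB, as the script does
    esac
    [ "$extent" -gt 0 ] || return 1
    echo "$extent"
}

# Overwrite the extent in place with random bytes, flush, and verify.
# conv=notrunc matters: a plain "> file" redirection would truncate a
# regular file instead of overwriting its first bytes.
shred_luks_header() {
    local dev="$1" extent
    extent=$(luks_header_extent "$dev") || { echo "$dev: no LUKS header" >&2; return 1; }
    dd if=/dev/urandom of="$dev" bs=512 count=$(( (extent + 511) / 512 )) conv=notrunc 2>/dev/null || return 1
    sync
    if luks_header_extent "$dev" >/dev/null 2>&1; then
        echo "$dev: magic still present after overwrite" >&2; return 1
    fi
    echo "$dev: overwrote $extent bytes"
}

# Constructed fixtures (not real containers): only the fields the parser
# reads are filled in. LUKS1 with payload-offset 8 sectors -> 4096-byte
# extent; LUKS2 with hdr_size 16 KiB -> 32768-byte extent.
make_fake_luks1() {
    dd if=/dev/zero of="$1" bs=4096 count=1 2>/dev/null
    printf 'LUKS\272\276\000\001' | dd of="$1" conv=notrunc 2>/dev/null
    printf '\000\000\000\010' | dd of="$1" bs=1 seek=104 conv=notrunc 2>/dev/null
}
make_fake_luks2() {
    dd if=/dev/zero of="$1" bs=4096 count=8 2>/dev/null
    printf 'LUKS\272\276\000\002\000\000\000\000\000\000\100\000' | dd of="$1" conv=notrunc 2>/dev/null
}

# Usage: luks-shred.sh --demo        (runs on temporary fixtures, no root)
#        luks-shred.sh /dev/mapper/vg0-data1   (destructive; close it first)
case "${1-}" in
    --demo)
        t=$(mktemp -d)
        make_fake_luks1 "$t/luks1.img"; make_fake_luks2 "$t/luks2.img"
        for f in "$t/luks1.img" "$t/luks2.img"; do shred_luks_header "$f"; done
        rm -rf "$t" ;;
    '') ;;
    *) shred_luks_header "$1" ;;
esac
```

On the volume from the question (LUKS1, payload offset 4096 sectors) `luks_header_extent` yields 2097152 bytes, exactly what the `dd bs=512 count=4096` there wrote; the difference is that this function refuses to touch anything that does not carry the magic, and that the overwrite is followed by a check. Note that the extent only covers the header: the dm-crypt mapping must still be closed first, or the kernel keeps serving decrypted data from the key it already holds.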
Original page content provided by Stack Overflow.
Original link:

https://stackoverflow.com/questions/60289422
