Hi lads,

Having a wee bit of bother decrypting a dump before a restore following 
a 4.0 -> 4.1 migration on i386. Different box, same hardware apart from 
a bigger disk.

I've decrypted and restored successfully before and not had any probs, 
but was on the same 4.0 box. Could host keys be the issue? Searching 
shows me I have the wrong pass phrase, see below:


<root@teak /home 0># ls -l /var/dumpster/spool/teak/_home_0*
-rw-r--r--  1 root  wheel  513409024 Aug 24 04:18 
/var/dumpster/spool/teak/_home_0_Year.dump.gz.crypto
-rw-r--r--  1 root  wheel        101 Aug 24 04:19 
/var/dumpster/spool/teak/_home_0_Year.dump.gz.crypto.digest

<root@teak /home 0># sha1 
/var/dumpster/spool/teak/_home_0_Year.dump.gz.crypto
SHA1 (/var/dumpster/spool/teak/_home_0_Year.dump.gz.crypto) = 
6cfb01a847e97608cf5fe6767ee3272fab39c0f5
<root@teak /home 0># cat 
/var/dumpster/spool/teak/_home_0_Year.dump.gz.crypto.digest
SHA1 (/var/dumpster/tmp/teak/_home_0_Year.dump.gz.crypto) = 
6cfb01a847e97608cf5fe6767ee3272fab39c0f5


<root@teak /home 1># openssl enc -bf -d -salt \
-pass file:/etc/dumpster/teak.dumpster_slices.conf.passwd \
-in /var/dumpster/spool/teak/_home_0_Year.dump.gz.crypto \
-out /var/dumpster/spool/teak/_home_0_Year.dump.gz
bad decrypt
14574:error:06065064:digital envelope routines:EVP_DecryptFinal:bad 
decrypt:/usr/src/lib/libssl/src/crypto/evp/evp_enc.c:509:

<root@teak /home 0># ls -l /var/dumpster/spool/teak/_home_0_Year.dump.gz
-rw-r--r--  1 root  wheel  513409000 Aug 27 08:48 
/var/dumpster/spool/teak/_home_0_Year.dump.gz


Have a go anyway and see what comes out in the wash:


<root@teak /home 0># gunzip /var/dumpster/spool/teak/_home_0_Year.dump.gz
<root@teak /home 0># ls -l /var/dumpster/spool/teak/_home_0_Year.dump
-rw-r--r--  1 root  wheel  639454657 Aug 27 08:57 
/var/dumpster/spool/teak/_home_0_Year.dump

<root@teak /home 0># restore rf /var/dumpster/spool/teak/_home_0_Year.dump
./a-user/some/file: (inode 20743) not found on tape
Mount tape volume 2
Enter ``none'' if there are no more tapes
otherwise enter tape name (default: 
/var/dumpster/spool/teak/_home_0_Year.dump) none
Warning: End-of-input encountered while extracting ./a-user/another/file
bad entry: incomplete operations
name: ./a-user/some/thing/else.pdf
parent name ./a-user/some/thing
entry type: LEAF
inode number: 46871
flags: NEW
abort? [yn] y
dump core? [yn] n
<root@teak /home 0># rm -rf /home/*






I found this, which suggests a bad password:
 
http://www.eecis.udel.edu/wiki/ececis-docs/index.php/FAQ/Applications#toc22


To decrypt (notice the -d for decryption) the file created in the 
previous example do the following:

% openssl enc -d -in ciphertextout -out outputfile -aes256
enter aes-256-cbc decryption password:

If the password is correct the plaintext will appear in outputfile. Be 
sure to delete or protect this file when done. At all times also make 
sure that standard permissions would not allow someone to read the 
plaintext file.

If an incorrect password is enter something like this will be displayed:

bad decrypt
11044:error:06065064:digital envelope routines:EVP_DecryptFinal:bad 
decrypt:evp_enc.c:450:




<root@teak /home 0># cat /etc/dumpster/teak.dumpster_slices.conf.passwd
Super secret phrase
<root@teak /home 0># openssl enc -bf -d -salt \
 > -in /var/dumpster/spool/teak/_home_0_Year.dump.gz.crypto \
 > -out /var/dumpster/spool/teak/_home_0_Year.dump.gz
enter bf-cbc decryption password:Super secret phrase
bad decrypt
5368:error:06065064:digital envelope routines:EVP_DecryptFinal:bad 
decrypt:/usr/src/lib/libssl/src/crypto/evp/evp_enc.c:509:


The pass phrase is over 100 characters long, includes UPPER and lower 
letters, digits, and symbols including > ; and others. Could this be the 
cause?

TIA for any pointers.
-- 
========================================================
Craig Skinner			craig.skinner@sun.co.uk

Phone +44 (0) 1506 673024	5-digit shortdial:x73024

Sun Remote Support Centre, Linlithgow, Scotland, UK
========================================================