1

I'm asking as a new question because I don't have enough rep to comment on answers, and the drive in question here is removable.

I've set up an encrypted USB drive using cryptsetup luksFormat, but I'm having trouble mounting it on insertion as I can with other drives. After entering the correct passphrase, I seem to be encountering the same error as in this question.

However, the solution given there doesn't seem to be effective. Here are the results of a few tests based on the method (the UUID of the /dev/mapper file is replaced with $uuid):

$ sudo cryptsetup luksOpen /dev/sdb foo
Enter passphrase for /dev/sdb:
Cannot use device /dev/sdb which is in use (already mapped or mounted).

$ lsblk
NAME                                        MAJ:MIN RM   SIZE RO TYPE  MOUNTPOINTS
sda                                           8:0    0    ...  0 disk
├─sda1                                        8:1    0    ...  0 part  ...
└─sdaN                                        8:N    0    ...  0 part  ...
sdb                                           8:16   1    ...  0 disk
└─luks-56a33913-5f65-48e9-8e6e-db1f72605b24 253:0    0    ...  0 crypt


$ ls -l /dev/mapper/
total 0
crw------- 1 root root 10, 236 Aug 17 07:46 control
lrwxrwxrwx 1 root root       7 Aug 17 10:48 luks-$uuid -> ../dm-0


$ sudo vgimportclone /dev/mapper/luks-$uuid
  Failed to find physical volume "/dev/mapper/luks-$uuid".
  Failed to find all devices.

I suspect the same error is arising from different circumstances.

For additional context, I have multiple encrypted USB devices that I've set up through the same port, so they appear as the same physical device (/dev/sdb), and are both being mapped to /dev/dm-0. Maybe that's causing some confusion?

Can anyone identify the root cause of the issue, and point me towards an effective solution?

EnronEvolved
  • 56
  • That is true, but these were all produced while the USB was plugged in, and I can't exactly unmount a device that hasn't been mounted properly. The mapping /dev/luks-$uuid vanishes when I remove the stick.

    For the sake of clarity, I'm only plugging in one encrypted USB drive at a time.

     – EnronEvolved Aug 17 '23 at 12:49
  • 1
    They are most certainly not identical. – EnronEvolved Aug 17 '23 at 13:02
  • Is luks-$uuid a placeholder or the actual name used for the device? It should have the same name as that shown by lsblk. And when it shows like that in lsblk, in general the device is already opened by cryptsetup, so it is normal that it throws the error. Also, when you say you have "multiple encrypted USB devices set up through the same port", what is it exactly that you have set up? – Sebastian Aug 17 '23 at 19:12
  • $uuid is a placeholder, I thought that was clear from the question.

    My "setup" is what you do when you have multiple USB sticks and not enough ports to go around: you swap them in and out of the working one.

     – EnronEvolved Aug 17 '23 at 19:16
  • did you use something like sudo mkfs -t ext4 -V /dev/mapper/luks-$uuid to format the encrypted partition? I tried encrypting two USB drives, and got the same error when I forgot to format the second drive. Can you open the app disks and select the USB on the left panel and take a screenshot of the disk app window? Add the screenshot in your question. – user68186 Aug 17 '23 at 19:42

1 Answers1

1

As the comments revealed, I had forgotten to format the encrypted storage with an actual file system. I assumed that luksFormat would format the drive with a file system, or otherwise assumed I'd provided an option to cryptsetup to do so.

Running mkfs.exfat /dev/mapper/luks-$uuid and reattempting to mount the drive resulted in a successful mount with no errors.

Now we know what happens when you don't format a LUKS-encrypted drive, I guess!

EnronEvolved
  • 56