Getting bad magic number from openssl when trying to decrypt private.img files

[saltyk...@gmail.com]

I decided to change how I set my computer set up and wiped my old Qubes install. I backed up the two private.img files I really needed before re-partitioning my SSD, but did it kind of hastily and not as recommended by https://qubes-os.org/wiki/BackupRestore. I only have the private.img files that were under /var/lib/qubes/appvms/*/. I tried the command

openssl enc -d -pass pass:your_passphrase -aes-256-cbc -in private.img.000 -out private.img.dec.000

shown on the wiki, but even with what was definitely my encryption password, I'm getting bad magic number errors from openssl.

Did I totally mess this up? I have extremely important work I would like off of this drive.

Thanks,
Noah

[cprise]

On 12/24/14 19:50, saltyk...@gmail.com wrote:

I decided to change how I set my computer set up and wiped my old Qubes install. I backed up the two private.img files I really needed before re-partitioning my SSD, but did it kind of hastily and not as recommended by https://qubes-os.org/wiki/BackupRestore.

Sounds like you did use the Qubes backup tool, but somehow "not as recommended"?

I only have the private.img files that were under /var/lib/qubes/appvms/*/. I tried the command

openssl enc -d -pass pass:your_passphrase -aes-256-cbc -in private.img.000 -out private.img.dec.000

shown on the wiki, but even with what was definitely my encryption password, I'm getting bad magic number errors from openssl.

AFAIK, the passphrase is required by Qubes backup but you may or may not choose to encrypt with it. Merely supplying a passphrase does not mean that encryption is enabled. So I surmise that the passphrase is incorporated into the magic number hashes used for error checking.

Is it possible you did not actually turn encryption on? If so, you should restore the backup without encryption also (you will still have to supply the correct passphrase for error checking, however).

OTOH, if you backed-up your img files without the Qubes backup tool (using something else like cp or tar instead) then its doubtful openssl would be used to restore the files. In that case you'll need to use the same tool you used for the backup, but in 'reverse'.

[Marek Marczykowski-Górecki]

On Wed, Dec 24, 2014 at 04:50:38PM -0800, saltyk...@gmail.com wrote:
> I decided to change how I set my computer set up and wiped my old Qubes install. I backed up the two private.img files I really needed before re-partitioning my SSD, but did it kind of hastily and not as recommended by https://qubes-os.org/wiki/BackupRestore. I only have the private.img files that were under /var/lib/qubes/appvms/*/. I tried the command
>
> openssl enc -d -pass pass:your_passphrase -aes-256-cbc -in private.img.000 -out private.img.dec.000
>
> shown on the wiki, but even with what was definitely my encryption password, I'm getting bad magic number errors from openssl.

Are you sure you've made encrypted backup? It is the default, but it is
possible to disable it. If backup is not encrypted - use that
private.img.000 directly as tar input.

BTW If you have special characters in password, try to quote the whole
parameter.

--
Best Regards,
Marek Marczykowski-Górecki
Invisible Things Lab
A: Because it messes up the order in which people normally read text.
Q: Why is top-posting such a bad thing?

[saltyk...@gmail.com]

Well, I feel stupid. Everything worked out. The image files were not encrypted.