Closed giorgidze closed 2 years ago
libfvde_io_handle_read_volume_header: unsupported core storage signature.
this tells you libfvde cannot find the correct data structure signature
Is this because of the type of encryption not yet supported by libfvde
?
I do not have sufficient details to answer your question. In the data you've provided there is no core storage signature. It could be a different format, it could be something specific to your set up.
How did you create your USB drive?
The Samsung USB drive was formatted by Mac OS X (Time Machine), it should have an encrypted HFS+ file system. What I see in gparted and other Linux tools is that unrecognisable / encrypted partition is on /dev/sda2.
Are the commands I am issuing above (including the offset calculation) correct?
Are the commands I am issuing above (including the offset calculation) correct?
As far I can tell yes: 512 byte sector size x 409640 sectors
Can you try hexdump -Cv /dev/sda | less
and look at the first 512 bytes of the volume
Also what do you mean with "encrypted HFS+ file system"
Note that there is FileVault 1 and FileVault 2 (core storage).
No update from original reporter closing issue.
I am trying to decrypt and external USB drive (time machine back up generated by Mac OS X).
Am I missing something obvious? (See below the steps to reproduce).
mmls output is as follows:
When running
fvdemount
I get the following errorTo obtain more detailed information I have built
fvdemount
with debug and verbose output. More detailed output is below.I tried with the actual password (with
-p
), but still get the same error.I can reproduce with the latest version available for download, as well as, the latest code in Git.
My system spec is as follows