Posts Tagged ‘partitions’
Welcome to the first real Windows post :) Now, I know this place mostly has a Linux bias but really, The Node is about solving technological problems…it’s just that Linux makes it easier to do so. As my main interest and inspiration for starting this site was Linux, it has a Linux slant…but I use all sorts of computers. Since July I have become responsible for a Windows network as well as my yummy Linux servers. While I don’t hold Windows very highly, I have been using it…even at home with my new gaming laptop (I tweeted about the joys of Crysis 2 on max detail last week).
So there are bound to be little problems that crop up. This particular problem is so seemingly prevalent on Windows that I just took it as Windows being dreadful. This is when you have an external USB hard drive that you plug into Windows and Windows makes the “bing bong” noise…yet no drive pops up in Windows explorer. Your brow furrows, and you probably do what I did which was to switch it off and on again (grin). Still no luck. However, this isn’t Windows having shoddy USB drivers or anything like that. It’s totally fixable and here’s how.
Note: This fix can also be achieved with Windows XP, but the location of various options and windows may have been moved. Anyway, there are two main ways to fix this. The first way is more common, less complicated in cause and solution.
As you probably know, Windows uses drive letters to distinguish between partitions. I think this is a bone-headed method of file system design, but fine. Anyway, in order for your USB drive to show up as…well…a drive, Windows has to assign it a letter when the USB subsystem alerts it to a new device being connected. No drive letter, no drive to use.
Before we start, make sure that you’ve disconnected or switched off any other external USB devices you may have attached to your computer else it’ll make identification of the problem device difficult.
So, first make sure your USB drive is plugged in and switched on. You’ll hear the “bing bong” sound Windows makes when it’s alerting you to a new USB device being attached. As expected, the drive doesn’t show up.
Open the Start menu and right-click on “My Computer”. From there, left-click on “Manage”. This requires Administrator privileges. From the left panel on the new window, click on: -
System Tools -> Device Manager
From the tree list, expand the “Universal Serial Bus Controllers” option. You’ll probably see many devices, but you only need to look for one, the “USB Mass Storage” entry. If you see more than one, you didn’t take my advice above and switch off and disconnect any other USB hard drives you have. Go ahead and do that and then come back :)
If you only have the one entry for “USB Mass Storage”, that’s your drive. Right-click on it and choose “uninstall” from the options. Switch off or disconnect your drive and then power it up again. This will allow Windows to attempt to re-install the driver for the device. If that was your problem, you should now see your device assigned with a correct drive letter. Done.
If this didn’t work, you’ll need to try the second method.
From the Start menu, select:-
Administration Tools -> Computer Management -> Disk Management
In the bottom middle panel of this new window, you will see a graphical representation of your disk drives. “Disk 0″ is usually your drive C: and should not be touched. If you have more internal drives or partitions, they will also show here. In order to match up your external USB device to the devices listed, either match it up by the approximate size listed or simply switch off and on your USB drive to see which entry vanishes and reappears. Once you’ve identified your device, right-click on the blue bar running along the top of the device entry and select “Change drive letters and paths”. Click change and choose an unassigned drive letter. Save your changes and reset the device and it should show up! If it was not seen there, go to “Action” on the menu bar, click on “Rescan Disks” and it should appear.
The blue bar menu is all greyed out and I cannot select the change drive letter option!
If you get this, you have a GPT Protective partition which means that the drive was probably installed on a Linux, Mac or Windows XP 64-bit edition machine. You can override this and get a functional drive, but you cannot save the data as the following solution is a data destructive process. In my case, I didn’t mind, but if you do, consider using the parent operating system of the drive to read the data.
In any case, you won’t be able to recover the data under Windows 7. The drive is inaccessible and Disk Management reports that the drive has a GPT Protective Partition on it. The drive cannot be re-partitioned and formatted in this state, so you’ll need to clean the drive before you can use it.
First, make a note of the disk number listed in the Disk Management window as you’ll need this information in a minute.
Open a Windows command prompt window and enter:-
From the diskpart prompt, type: -
You’ll get back something like: -
Disk ### Status Size Free Dyn Gpt
-------- ------------- ------- ------- --- ---
Disk 0 Online 698 GB 0 B
Disk 1 Online 111 GB 0 B
Disk 2 Online 298 GB 1024 KB
Select the disk number for your device that you noted down earlier with: -
select disk [NUMBER]
Where [NUMBER] is the number you wrote down. Windows will say that “disk [NUMBER] is now selected”. Now enter: -
This removes the disk’s partition and signature from the drive. After you are returned to the diskpart prompt, type “exit” and go back to your Disk Management window. Windows should now be aware that the drive is uninitialised and should prompt for the wizard. From here you can reinitialise and format the drive. If you’re using a regular USB drive, you’ll probably want to format it as FAT32 (or exFAT) so that it can be used on older versions of Windows, Mac or Linux. Be aware – this format will take ages. Once it’s done, close the Disk Management window and power cycle your USB device. It should now should up with the assigned drive letter :-)
Linux Unified Key Setup-on-disk-format (or LUKS) allows you to encrypt partitions on your Linux machine. This is particularly useful when it comes to mobile computers and other mobile media such as netbooks and tablets. LUKS allows multiple user keys to decrypt a master key which is used for the bulk encryption of the partition. Here the process of configuring LUKS is outlined using Fedora an an example system, although you can do this on any Linux box.
LUKS is implemented in all versions of Fedora 9 and above and is used for system encryption. By default, the option to encrypt the file-system during the installation process is unchecked. Also it rather lacks flexibility. So if you suddenly decide to implement LUKS later on, or want to configure something a little more suited to your needs, here is how to do it.
First of all you need to create an empty partition if you haven’t already done so. Obviously you can make it any size you want as long as the physical disk has enough unallocated space. If you’re not comfortable creating a partition, read over my LVM management post which discusses how to create a basic partition using fdisk. Remember, you just need the default partition code of ’83′. The process I’m going to describe will work equally well with logical volumes as well as disk partitions.
It goes without saying that you should start with an empty and unmounted partition as this process will destroy any data currently residing on it. If you want to encrypt data already residing on a partition, back it up to a different partition or external storage first.
We first need to enter runlevel 1 or single-user mode, as it’s also known. Linux runlevels was discussed in the previous post relating to root password recovery. Unless otherwise stated all commands require the user to be root. To enter runlevel 1, type: -
Next, make sure the partition you want to use for encryption is unmounted.
As you can see, I’ve got my partition (which happens to be /dev/sda6) mapped to /mnt/luks in my /etc/fstab file. Verify that the partition is unmounted with: -
cat /proc/mounts | grep /mnt/luks
The next thing to do is to “seed” your selected partition or volume with randomly generated data. This makes the encryption more secure but will destroy any data presently on the partition.
dd if=/dev/urandom of=/dev/sda6
Depending on the size of your partition and the speed of your system, this process could take several minutes to 6 hours or more. Be patient :-)
Next, you need to initialise the new partition.
cryptsetup --verbose --verify-passphrase luksFormat /dev/sda6
You will be prompted for a pass phrase. It cannot include spaces. This will be the pass phrase you use to unlock the partition.
Next, you need to open the newly created device. Remember, everything in Linux is described as a file.
cryptsetup luksOpen /dev/sda6 luks
Much like a logical volume, this maps the new device to /dev/mapper/luks. You can verify that it’s present with: -
ls -l /dev/mapper | grep luks
This simply does a detailed directory list of the /dev/mapper directory structure, looking for the entry luks. If it’s present, it will be listed.
If all is well, you still need to format the partition to make it ready for data. Since we’re using Fedora 14 which uses the ext4 file-system, we’ll use: -
If you prefer, you can also use: -
mkfs -t ext4 /dev/mapper/luks
Once the partition is formatted you need to mount it.
mount /dev/mapper/luks /mnt/luks
If you now do a “df -h | grep luks”, you should see it mounted and ready to go.
However, you probably want access to this encrypted partition when you boot up your server and as you’ve just seen, this volume can only be accessed with a pass phrase. In order to allow Linux to ask you for the pass phrase on boot, you need to add an entry to the /etc/crypttab file. Yes, it is pretty similar to /etc/fstab which handles regular mount points :-)
Add the following:-
luks /dev/sda6 none
Speaking of the /etc/fstab file, you’ll also need to modify or add the entry for /dev/sda6 as this partition has now been mapped to /dev/mapper/luks: -
/dev/mapper/luks /mnt/luks ext4 defaults 1 2
Verify your /etc/fstab entry with the command: -
…as this form of the mount command takes the device to mount from from the /etc/fstab file with the entry /mnt/luks. If all is well, you should now be able to write to that directory. If you’re also using SELinux, you need to restore the security contexts for that location also: -
restorecon -v -R /mnt/luks
On reboot now, Fedora will ask you for the pass phrase you configured to open the volume on boot. Obviously, if you don’t want the partition or volume open the entire time the machine is on, you can remove the /etc/fstab entry and mount it manually. However, all the time the machine is switched off, that volume and the data within is safely encrypted.