disk encryption

[Robert Nichols]

On 01/14/2016 08:40 PM, Jeffrey Ross wrote:
> I installed Fedora 23 on a Laptop a while back and I decided to use disk
> encryption.  At this point I find the disk encryption to be more of a
> hindrance and would like to remove it.
>
> Am I correct that it may simply be easier to re-install the system
> rather than try to remove the encryption or is there an easy way to
> remove it?

It can be done, but you'd damned well better have a good backup since
any mistake or glitch will probably be fatal.

1. Determine the size of the LUKS header. (I'll use /dev/sda1 as the
    encrypted partition -- yours may differ.)
       cryptsetup luksDump /dev/sda1 | grep "Payload offset"
    That offset is the number of 512-byte sectors, probably 4096. If
    different, replace "4096" with the correct number in everything
    that follows.
2. Unlock the partition:
       cryptsetup luksOpen /dev/sda1 mysource
3. Copy the decrypted data directly back to the partition at the
    correct offset (4096 sectors assumed here):
       dd if=/dev/mapper/mysource bs=$((4096*512)) of=/dev/sda1 seek=1
4. Adjust the partition table to add 4096 sectors to the starting
    LBA for sda1 without moving the ending LBA.
5. Zero out the LUKS header:
       dd if=/dev/zero bs=$((4096*512)) count=1 of=/dev/sda1
6. Make adjustments to /etc/fstab and any GRUB references to the
    formerly encrypted partition.
7. Say a prayer and boot your system.

Oh yes, it's absolute necessary to do this from some recovery media
with the partition unmounted.

-- 
Bob Nichols     "NOSPAM" is really part of my email address.
                 Do NOT delete it.