Mounting HDD in Linux

From PS4 Developer wiki

Unlike PS3, where every part of per-console security (including the HDD) is dictated by the eid_root_key, PS4 has two per-console keys for the HDD: one handled by SAMU (we cannot obtain this key at the moment) and the other handled by the South Bridge (Aeolia / Belize), which can be obtained.

This page describes the steps to mount a PS4 HDD on a PC using the cryptmount utility on Linux.

Setup

Prerequisites

  • Per-console PS4 EAP HDD Key (look in your kernel dump at the kern_off_eap_hdd_key offset; see hxxps://github.com/Ps3itaTeam/ps4-kexec/blob/master/magic.h)
  • A PC running a Linux distribution (e.g. Ubuntu, Xubuntu live) that supports cryptmount

Getting eap_hdd_key.bin

Put the eap_hdd_key.bin file anywhere you want, as long as its path matches the keyfile entry in the cmtab file (see the cmtab section below).

From kernel dump

  • If your EAP HDD Key in the kernel dump looks like this:
D2 60 86 B3 8B D2 D3 5A EC 76 DB DE 50 30 00 40
15 D6 AE 04 44 3D A8 59 4B 03 3C 1F 0A DD FA 6B
  • then the correct key will be:
40 00 30 50 DE DB 76 EC 5A D3 D2 8B B3 86 60 D2
6B FA DD 0A 1F 3C 03 4B 59 A8 3D 44 04 AE D6 15

From sflash

The keys.bin produced by hdd_script.py v2 already has the keys in the right order. Just use keys.bin as eap_hdd_key.bin.

Installing cryptmount

sudo apt install cryptmount

Setting up cmtab

  • Add write permission on the cmtab file:
sudo chmod 777 /etc/cryptmount/cmtab

cmtab for CUH-1000 and some CUH-1100

  • cmtab file can be as follows:
# /etc/cryptmount/cmtab - encrypted filesystem information for cryptmount
# try 'man 8 cryptmount' or 'man 5 cmtab' for more details
user {
    dev=/dev/sda27
    dir=/home/xubuntu/Desktop/user
    flags=user,nofsck
    fstype=ufs mountoptions=ro,noatime,noexec,ufstype=ufs2
    cipher=aes-xts-plain64
    keyfile=/home/eap_hdd_key.bin
    keyformat=raw
}

cmtab for some CUH-1100 and later models

  • In this case the cmtab file must have a small change:
# /etc/cryptmount/cmtab - encrypted filesystem information for cryptmount
# try 'man 8 cryptmount' or 'man 5 cmtab' for more details
user {
    dev=/dev/sda27
    dir=/home/username/Desktop/user
    flags=user,nofsck
    fstype=ufs mountoptions=ro,noatime,noexec,ufstype=ufs2
    cipher=aes-xts-plain64
    ivoffset=111669149696
    keyfile=/home/eap_hdd_key.bin
    keyformat=raw
}
  • where ivoffset = (dev_no - 1) << 32, with dev_no being the partition number
  • here it is: (27 - 1) << 32 = 111669149696

Adapting cmtab

  • Change "username" to your Linux user name.
  • Change sda27 to sdb27, sdc27, etc. according to the device node the HDD is attached as.
  • Change sda27 to sda1, sda2, etc. according to the partition you want to mount. Don't forget to change ivoffset and fstype accordingly.
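
The key reordering from the kernel dump section and the ivoffset rule above can be checked with a short script. This is an added example, not code from the wiki or from hdd_script.py; the function names are hypothetical, and the rule that each 16-byte half of the key is byte-reversed is inferred from the single example key shown on this page.

```python
"""Added example (not wiki code): EAP HDD key byte order and cmtab ivoffset."""

# Key bytes exactly as shown in the kernel dump example on this page.
DUMP_KEY = bytes.fromhex(
    "D26086B38BD2D35AEC76DBDE50300040"
    "15D6AE04443DA8594B033C1F0ADDFA6B"
)

def reorder_key(dump: bytes) -> bytes:
    """Reverse each 16-byte half independently (rule inferred from the page)."""
    if len(dump) != 32:
        raise ValueError(f"expected 32 key bytes, got {len(dump)}")
    return dump[:16][::-1] + dump[16:][::-1]

def ivoffset(partition: int) -> int:
    """ivoffset = (dev_no - 1) << 32, dev_no being the partition number."""
    if partition < 1:
        raise ValueError("partition numbers start at 1")
    return (partition - 1) << 32

def cmtab_entry(name, disk, partition, fstype, options,
                home="/home/username", keyfile="/home/eap_hdd_key.bin",
                with_ivoffset=True):
    """Render one cmtab stanza in the layout used on this page."""
    lines = [
        f"{name} {{",
        f"    dev={disk}{partition}",
        f"    dir={home}/Desktop/{name}",
        "    flags=user,nofsck",
        f"    fstype={fstype} mountoptions={options}",
        "    cipher=aes-xts-plain64",
    ]
    if with_ivoffset:  # left out for CUH-1000 and some CUH-1100
        lines.append(f"    ivoffset={ivoffset(partition)}")
    lines += [f"    keyfile={keyfile}", "    keyformat=raw", "}"]
    return "\n".join(lines)

if __name__ == "__main__":
    key = reorder_key(DUMP_KEY)
    print(key[:16].hex(" ").upper())
    print(key[16:].hex(" ").upper())
    print(cmtab_entry("user", "/dev/sda", 27, "ufs",
                      "ro,noatime,noexec,ufstype=ufs2"))
```

Pass with_ivoffset=False to get the stanza form used for CUH-1000 and some CUH-1100.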

Final steps

  • Create "user" folder on Linux Desktop.
  • Remove the world-write permission on the cmtab file:
sudo chmod 775 /etc/cryptmount/cmtab
  • Mount PS4 "user" partition:
sudo cryptmount user

Sample cmtab

# /etc/cryptmount/cmtab - encrypted filesystem information for cryptmount
# try 'man 8 cryptmount' or 'man 5 cmtab' for more details

eap_vsh {
    dev=/dev/sda7
    dir=/home/username/Desktop/eap_vsh
    flags=user,nofsck
    fstype=msdos mountoptions=ro,noatime,noexec
    cipher=aes-xts-plain64
    ivoffset=25769803776
    keyfile=/home/eap_hdd_key.bin
    keyformat=raw
}

eap_update {
    dev=/dev/sda25
    dir=/home/username/Desktop/eap_update
    flags=user,nofsck
    fstype=msdos mountoptions=ro,noatime,noexec
    cipher=aes-xts-plain64
    ivoffset=103079215104
    keyfile=/home/eap_hdd_key.bin
    keyformat=raw
}

user {
    dev=/dev/sda27
    dir=/home/username/Desktop/user
    flags=user,nofsck
    fstype=ufs mountoptions=ro,noatime,noexec,ufstype=ufs2
    cipher=aes-xts-plain64
    ivoffset=111669149696
    keyfile=/home/eap_hdd_key.bin
    keyformat=raw
}

eap_user {
    dev=/dev/sda29
    dir=/home/username/Desktop/eap_user
    flags=user,nofsck
    fstype=ufs mountoptions=ro,noatime,noexec,ufstype=ufs2
    cipher=aes-xts-plain64
    ivoffset=120259084288
    keyfile=/home/eap_hdd_key.bin
    keyformat=raw
}