All honour goes to http://www.blaicher.com/2013/01/accessing-an-encrypted-full-disc-image-lukslvm/
So I typically use a full disc encryption with LVM over LUKS. So assume you have got an image from your harddisk via
dd if=/dev/sda of=image.img
You now want to access this data again – maybe you don’t even have the drive anymore. So here is a quick rundown how I did it just now.
First we look at the image:
% fdisk -l -u backup_x220_november_2012_sdb.img
Disk backup_x220_november_2012_sdb.img: 80.0 GB, 80026361856 bytes, 156301488 sectors
Units = sectors of 1 * 512 = 512 bytes
Sector size (logical/physical): 512 bytes / 512 bytes
I/O size (minimum/optimal): 512 bytes / 512 bytes
Disk identifier: 0x000589c6
Device Boot Start End Blocks Id System
backup_x220_november_2012_sdb.img1 2048 499711 248832 83 Linux
backup_x220_november_2012_sdb.img2 501758 156301311 77899777 5 Extended
backup_x220_november_2012_sdb.img5 501760 156301311 77899776 83 Linux
Great! So all partitions are in there! We will use kpartx to map this file to a block device which you can use just as your normal drives.
% sudo kpartx -a -v backup_x220_november_2012_sdb.img
add map loop0p1 (254:3): 0 497664 linear /dev/loop0 2048
add map loop0p2 (254:4): 0 2 linear /dev/loop0 501758
add map loop0p5 : 0 155799552 linear /dev/loop0 501760
Even better, now we have the partitions on the image mapped to /dev/mapper/loop0px. It’s now straightforward to mount the encrypted drive loop0p5:
% sudo cryptsetup luksOpen /dev/mapper/loop0p5 imgroot
Enter passphrase for /dev/mapper/loop0p5:
Now find and open the LVM drives inside:
% sudo vgscan
Reading all physical volumes. This may take a while...
Found volume group "mikrocanonix" using metadata type lvm2
% sudo vgchange -a y mikrocanonix
2 logical volume(s) in volume group "mikrocanonix" now active
% sudo mount /dev/mikrocanonix/root /mnt/
DONE!