From: Christian Baer
To: freebsd-geom@freebsd.org
Newsgroups: gmane.os.freebsd.devel.geom
Date: Sun, 27 Jan 2008 00:20:57 +0100 (CET)
Subject: Re: how-to: encryption + journaling (geli + gjournal)

On Mon, 14 Jan 2008 21:15:37 +0000 RW wrote:

> There's no need to be rude, I'm only trying to help.

You guys are both a little sensitive, aren't you? :-)

> In my experience writing from /dev/random to a raw partition is almost
> twice as fast as writing to an .eli device - essentially it's single
> versus double encryption.

True, this *is* faster. But there is also a reason for encrypting the random numbers - although I would probably use zeros, which will look pretty much like random numbers on a disk once they are encrypted.

If you use a checksum (geli init -a) geli will need to know what is on the disc. So you actually have to fill the disc through geli before you can use it. If you don't do this you will get lots of errors stating that the data on the disc is corrupt.

I guess the reason why blanking a disc with encrypted random numbers is the double entropy and the fact that there are cases where you have to blank a disc through geli.

Regards,
Chris
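
The behaviour described in the message above, as an added example that is not part of the original post or of geli's code: a simplified Python model of a provider with per-sector encryption and authentication. It shows that sectors written only on the raw medium fail verification until they are written through the authenticated layer, and that zeros written through it are stored as random-looking data. The class and function names, the toy SHA-256 keystream standing in for the real cipher, the sector layout and the keys are all assumptions made for the illustration.

```python
import hashlib, hmac, os

SECTOR, TAG = 512, 32          # payload bytes and HMAC-SHA256 tag bytes per sector

def _keystream(key, n, length):
    # Toy stand-in cipher (SHA-256 in counter mode), NOT the cipher geli uses.
    blocks = (hashlib.sha256(key + n.to_bytes(8, "little") + i.to_bytes(4, "little")).digest()
              for i in range(-(-length // 32)))
    return b"".join(blocks)[:length]

class AuthProvider:
    """Simplified model (hypothetical layout) of per-sector encrypt-then-MAC."""
    def __init__(self, raw_sectors, enc_key, mac_key):
        self.raw, self.enc_key, self.mac_key = raw_sectors, enc_key, mac_key

    def _tag(self, n, ct):
        return hmac.new(self.mac_key, n.to_bytes(8, "little") + ct, hashlib.sha256).digest()

    def write(self, n, data):
        ct = bytes(a ^ b for a, b in zip(data, _keystream(self.enc_key, n, SECTOR)))
        self.raw[n] = ct + self._tag(n, ct)

    def read(self, n):
        ct, tag = self.raw[n][:SECTOR], self.raw[n][SECTOR:]
        if not hmac.compare_digest(tag, self._tag(n, ct)):
            raise OSError(f"sector {n}: stored data fails authentication")
        return bytes(a ^ b for a, b in zip(ct, _keystream(self.enc_key, n, SECTOR)))

def failing_sectors(dev):
    """Return the sector numbers whose stored tag does not verify."""
    bad = []
    for n in range(len(dev.raw)):
        try:
            dev.read(n)
        except OSError:
            bad.append(n)
    return bad

def fill_with_zeros(dev):
    """Write zeros to every sector through the authenticated layer."""
    for n in range(len(dev.raw)):
        dev.write(n, bytes(SECTOR))

def make_device(sectors=8):
    # Constructed sample: raw medium pre-filled with random bytes, fixed demo keys.
    raw = [os.urandom(SECTOR + TAG) for _ in range(sectors)]
    return AuthProvider(raw, b"constructed-enc-key", b"constructed-mac-key")

if __name__ == "__main__":
    dev = make_device()
    print("failing before fill:", failing_sectors(dev))
    fill_with_zeros(dev)
    print("failing after fill: ", failing_sectors(dev))
```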