Date: Wed, 8 Feb 2006 15:40:59 +0100 (CET) From: Christian Baer <christian.baer@informatik.uni-dortmund.de> To: freebsd-geom@freebsd.org Subject: Re: GELI -> What to encrypt? Message-ID: <dscvtr$fd5$3@nermal.rz1.convenimus.net> References: <dsbdfg$c1t$1@nermal.rz1.convenimus.net> <20060208075825.GA11037@garage.freebsd.pl> <dscnfu$fd5$1@nermal.rz1.convenimus.net> <43E9E32D.6090605@centtech.com>
next in thread | previous in thread | raw e-mail | index | archive | help
On Wed, 08 Feb 2006 06:25:17 -0600 Eric Anderson wrote: > Why would the risk of losing data be higher? I've looked into the specs a bit and I have to take that one back - the question, that is. :-) GBDE seems to pose a slight risk of corrupting the data on a disc if there is a power-out at the "wrong" time. Corrupting a file system usually is annoying but most of the data can be salvaged. If the partition table is broken things can be a little worse. But in any case this problem only seems to apply if the power out accurs while the partition table is being written. The chances of that happening are (considering my usual luck) nearly 100%. :-) Ok, but back to the actual issue, which I haven't addressed too clearly. I just read the stuff I've written in this thread and therefore I can tell. :-) I am planning on encrypting an entire disc. This disc is to have one big partition covering basicly the whole disc. Is there any advantage to be gained by encrypting all of ad2 rather than "just" ad2s1d? As far as I can tell right now, the only thing not encrypted in the latter case would be the partition table. All the data stored on the drive would be encrypted. The advantage of encrypting just ad2s1d would be a higher compatibility to some degree, like being able to partition the drive with sysinstall. Regards Chris
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?dscvtr$fd5$3>