Skip site navigation (1)Skip section navigation (2)
Date:      Wed, 8 Feb 2006 15:40:59 +0100 (CET)
From:      Christian Baer <christian.baer@informatik.uni-dortmund.de>
To:        freebsd-geom@freebsd.org
Subject:   Re: GELI -> What to encrypt?
Message-ID:  <dscvtr$fd5$3@nermal.rz1.convenimus.net>
References:  <dsbdfg$c1t$1@nermal.rz1.convenimus.net> <20060208075825.GA11037@garage.freebsd.pl> <dscnfu$fd5$1@nermal.rz1.convenimus.net> <43E9E32D.6090605@centtech.com>

next in thread | previous in thread | raw e-mail | index | archive | help
On Wed, 08 Feb 2006 06:25:17 -0600 Eric Anderson wrote:

> Why would the risk of losing data be higher?

I've looked into the specs a bit and I have to take that one back - the
question, that is. :-)

GBDE seems to pose a slight risk of corrupting the data on a disc if
there is a power-out at the "wrong" time. Corrupting a file system
usually is annoying but most of the data can be salvaged. If the
partition table is broken things can be a little worse. But in any case
this problem only seems to apply if the power out accurs while the
partition table is being written. The chances of that happening are
(considering my usual luck) nearly 100%. :-)

Ok, but back to the actual issue, which I haven't addressed too clearly.
I just read the stuff I've written in this thread and therefore I can
tell. :-)

I am planning on encrypting an entire disc. This disc is to have one big
partition covering basicly the whole disc. Is there any advantage to be
gained by encrypting all of ad2 rather than "just" ad2s1d? As far as I
can tell right now, the only thing not encrypted in the latter case
would be the partition table. All the data stored on the drive would be
encrypted. The advantage of encrypting just ad2s1d would be a higher
compatibility to some degree, like being able to partition the drive
with sysinstall.

Regards
Chris




Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?dscvtr$fd5$3>