Date: Mon, 20 Apr 2009 14:17:40 -0600 From: Modulok <modulok@gmail.com> To: Bernt Hansson <bernt@bah.homeip.net> Cc: freebsd-questions@freebsd.org Subject: Re: Encrypted slice with geli Message-ID: <64c038660904201317k465064c3mece86b4ad9ed1e73@mail.gmail.com> In-Reply-To: <49ECCF4E.3060104@bah.homeip.net> References: <49ECCF4E.3060104@bah.homeip.net>
next in thread | previous in thread | raw e-mail | index | archive | help
On 4/20/09, Bernt Hansson <bernt@bah.homeip.net> wrote: > Hello list! > > I was thinking of makeing a slice encrypted with geli. > > My question is: does geli init -s 4096 /dev/ad* erase the data on the > slice. The handbook didn't say yes or no, and I don't want to try > without asking. Short answer: Yes, it will blow away your data. It will make any data which previously lived in the slice inaccessible. Only do this on an empty slice. Cryptographically speaking: No, the majority of your data still exists as magnetic signatures on the physical disk. (Though is not directly accessible.) If your intent was to securely and irrevocably destroy the data on a slice, the command you showed will not do that. -Modulok-
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?64c038660904201317k465064c3mece86b4ad9ed1e73>