From owner-freebsd-questions@FreeBSD.ORG Mon May 29 23:53:52 2006 Return-Path: X-Original-To: freebsd-questions@freebsd.org Delivered-To: freebsd-questions@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id D12A216ACE1 for ; Mon, 29 May 2006 23:53:52 +0000 (UTC) (envelope-from freebsd@meijome.net) Received: from sigma.octantis.com.au (ns2.octantis.com.au [207.44.189.124]) by mx1.FreeBSD.org (Postfix) with ESMTP id E07EA43D62 for ; Mon, 29 May 2006 23:53:49 +0000 (GMT) (envelope-from freebsd@meijome.net) Received: (qmail 8143 invoked from network); 30 May 2006 09:53:48 +1000 Received: from 203-217-63-189.dyn.iinet.net.au (HELO localhost) (203.217.63.189) by sigma.octantis.com.au with (DHE-RSA-AES256-SHA encrypted) SMTP; 30 May 2006 09:53:48 +1000 Date: Tue, 30 May 2006 09:53:44 +1000 From: Norberto Meijome To: "Iantcho Vassilev" Message-ID: <20060530095344.2e8db744@localhost> In-Reply-To: <18e02bd30605290931i6fb55892h634b55201b50d60f@mail.gmail.com> References: <18e02bd30605290443p36f3859bt1359ca75d1c896ce@mail.gmail.com> <20060529231524.0f76b3ba@localhost> <18e02bd30605290931i6fb55892h634b55201b50d60f@mail.gmail.com> X-Mailer: Sylpheed-Claws 2.2.0 (GTK+ 2.8.18; i386-portbld-freebsd6.1) Mime-Version: 1.0 Content-Type: text/plain; charset=US-ASCII Content-Transfer-Encoding: 7bit Cc: FreeBSD Mailing List Subject: Re: geli resilience to power outages X-BeenThere: freebsd-questions@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: User questions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Mon, 29 May 2006 23:53:54 -0000 On Mon, 29 May 2006 16:31:38 +0000 "Iantcho Vassilev" wrote: > On 5/29/06, Norberto Meijome wrote: > > > > On Mon, 29 May 2006 14:43:46 +0300 > > "Iantcho Vassilev" wrote: > > > > > DO someone know if and how GELI is resilience to power outages? > > > > > > Does the box is still encrypted? After reboot what would happen to fcsk? > > > > Hi Iantcho , > > I dont know for a fact the effect with a power outage, but I use it quite > > a lot > > on laptops (which a) freeze sometimes out of nowhere , and b) sometimes > > dont > > resume properly,). In both situations, I've usually had geli mounted > > disks (1 > > x 6 GB, 1 x 500 MB) running when the events happened. ( as well as a 4 GB > > swap > > which is also GELI backed) > > > > They (touch wood) haven't suffered data loss. /usr and /var seem be more > > affected by this ungraceful shutdowns than the .eli devices. > > > > I suppose it's all cool thanks to soft-updates, and the fact that GELI > > encrypts > > on a per block basis (yeah, no more pgp-busted disks like in Windows :) ). > > > > good luck, > > Beto > > > Thanks for the input,Beto.. > > As i didn`t read the GELI "workbook" definitely read man geli , man geom_geli, and the handbook section...and play with it until you feel comfortable with it. > can you tell be can i convert existing > partition in GELI or i should repartition? depends what you want to do. If you want to create a file-backed GELI encrypted file (similar to a PGP Disk in Windows), then you dont need to touch your partitions at all - simply create the file. If you want to have, for example, /usr encrypted, then you need, /dev/ad0s1f.eli instead of . /dev/ad0s1f - you dont believe you need to repartition, but you'll need to wipe all the data and to encrypt the device. Read the docs. Beto