From owner-freebsd-questions@FreeBSD.ORG  Thu Feb  7 19:51:31 2013
Return-Path: <owner-freebsd-questions@FreeBSD.ORG>
Delivered-To: freebsd-questions@freebsd.org
Received: from mx1.freebsd.org (mx1.FreeBSD.org [8.8.178.115])
 by hub.freebsd.org (Postfix) with ESMTP id D48096C9
 for <freebsd-questions@freebsd.org>; Thu,  7 Feb 2013 19:51:31 +0000 (UTC)
 (envelope-from rwmaillists@googlemail.com)
Received: from mail-wi0-f172.google.com (mail-wi0-f172.google.com
 [209.85.212.172]) by mx1.freebsd.org (Postfix) with ESMTP id 5B87B9C9
 for <freebsd-questions@freebsd.org>; Thu,  7 Feb 2013 19:51:31 +0000 (UTC)
Received: by mail-wi0-f172.google.com with SMTP id ez12so7871wid.11
 for <freebsd-questions@freebsd.org>; Thu, 07 Feb 2013 11:51:30 -0800 (PST)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
 d=googlemail.com; s=20120113;
 h=x-received:date:from:to:subject:message-id:in-reply-to:references
 :x-mailer:mime-version:content-type:content-transfer-encoding;
 bh=s9jX1C8Pi6DRMCbvGOmQBY8Fh1qX8rv9i3E2rhrpro8=;
 b=OYPS74UUdLbZs3zwvqaJ34w2n0aMYRGUPCGZ8i3radUhOSMcZW6Pw4n9G4+6444UQv
 JkmFPAgsNaQODcf2/Ydj51/PO+2/mTYMMMR1bKeQVpHbzqep9yqCxFAKLwNM0AyaUNFI
 Nm6JYDllHatF1TcyZ+i/WM2iuUbBw++hDVg2YTVmgXdCciPQISgoxEPmND0Cu9XGum4U
 kulUOtVYVgJdWUmIUpmAFK8l/OvMbUVgAto5fAqJtBJlikogR9UvEeviRK0PBuVVNSrR
 kNqWIsjv1onxA75GH+Ot3iyyfMYH0Y/5UoGrNzbAc/vDhbw4uHHdtZZoLEpgyvER6FVg
 JOfg==
X-Received: by 10.194.171.198 with SMTP id aw6mr5336074wjc.3.1360266690333;
 Thu, 07 Feb 2013 11:51:30 -0800 (PST)
Received: from gumby.homeunix.com (87-194-105-247.bethere.co.uk.
 [87.194.105.247])
 by mx.google.com with ESMTPS id w5sm10652737wif.11.2013.02.07.11.51.28
 (version=SSLv3 cipher=RC4-SHA bits=128/128);
 Thu, 07 Feb 2013 11:51:29 -0800 (PST)
Date: Thu, 7 Feb 2013 19:51:27 +0000
From: RW <rwmaillists@googlemail.com>
To: freebsd-questions@freebsd.org
Subject: Re: geli overhead?
Message-ID: <20130207195127.43dd1ae3@gumby.homeunix.com>
In-Reply-To: <CAHUOmanYfr2B0sM+4mtzJnwyAWXf7uLTWF8mKWSMpiqJcg6fgQ@mail.gmail.com>
References: <CAHUOmamYud7md9=5yYfWvEsQZUWKHgPRUdwhUpaNae71B-nxvA@mail.gmail.com>
 <abe71e782475fd98aef8e77721e3be9b@dweimer.net>
 <CAHUOmanYfr2B0sM+4mtzJnwyAWXf7uLTWF8mKWSMpiqJcg6fgQ@mail.gmail.com>
X-Mailer: Claws Mail 3.9.0 (GTK+ 2.24.6; amd64-portbld-freebsd8.3)
Mime-Version: 1.0
Content-Type: text/plain; charset=US-ASCII
Content-Transfer-Encoding: 7bit
X-BeenThere: freebsd-questions@freebsd.org
X-Mailman-Version: 2.1.14
Precedence: list
List-Id: User questions <freebsd-questions.freebsd.org>
List-Unsubscribe: <http://lists.freebsd.org/mailman/options/freebsd-questions>, 
 <mailto:freebsd-questions-request@freebsd.org?subject=unsubscribe>
List-Archive: <http://lists.freebsd.org/pipermail/freebsd-questions>
List-Post: <mailto:freebsd-questions@freebsd.org>
List-Help: <mailto:freebsd-questions-request@freebsd.org?subject=help>
List-Subscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-questions>, 
 <mailto:freebsd-questions-request@freebsd.org?subject=subscribe>
X-List-Received-Date: Thu, 07 Feb 2013 19:51:31 -0000

On Mon, 4 Feb 2013 22:25:33 +0100
mhca12 wrote:


> Does skipping authentication also remove the requirement of
> zeroing the whole eli disk for the checksums?

It's not needed from that perspective, but it makes it a bit more
secure if you do that or fill the device from /dev/random before the
init. If you don't do either an attacker may be able infer information
about the layout of files.