From owner-freebsd-questions@FreeBSD.ORG Tue May 30 11:36:40 2006 Return-Path: X-Original-To: freebsd-questions@freebsd.org Delivered-To: freebsd-questions@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 4F6E216A421 for ; Tue, 30 May 2006 11:36:40 +0000 (UTC) (envelope-from ianchov@gmail.com) Received: from ug-out-1314.google.com (ug-out-1314.google.com [66.249.92.172]) by mx1.FreeBSD.org (Postfix) with ESMTP id 397C043D46 for ; Tue, 30 May 2006 11:36:38 +0000 (GMT) (envelope-from ianchov@gmail.com) Received: by ug-out-1314.google.com with SMTP id m3so468683uge for ; Tue, 30 May 2006 04:36:38 -0700 (PDT) DomainKey-Signature: a=rsa-sha1; q=dns; c=nofws; s=beta; d=gmail.com; h=received:message-id:date:from:to:subject:in-reply-to:mime-version:content-type:references; b=WJbcSQiOTVKDMve/vXWuzjMYlmgiu4esQRwUBdSNINVn4BFT8/gA3dPdfiPyQOAa7b8QkrBUEt166UehQ8oXyYLdWqfzyzhQhX/3FBKwR02srNhxl72dWGkR8wIUiBjuw5fNIkDvZi9L5Cwud2SgWiECMIle+UaICbx0I+VNjRg= Received: by 10.78.32.16 with SMTP id f16mr575275huf; Tue, 30 May 2006 04:29:36 -0700 (PDT) Received: by 10.78.39.6 with HTTP; Tue, 30 May 2006 04:29:36 -0700 (PDT) Message-ID: <18e02bd30605300429r67f96dceyb4716205d730620d@mail.gmail.com> Date: Tue, 30 May 2006 14:29:36 +0300 From: "Iantcho Vassilev" To: "FreeBSD Mailing List" In-Reply-To: <20060530095344.2e8db744@localhost> MIME-Version: 1.0 References: <18e02bd30605290443p36f3859bt1359ca75d1c896ce@mail.gmail.com> <20060529231524.0f76b3ba@localhost> <18e02bd30605290931i6fb55892h634b55201b50d60f@mail.gmail.com> <20060530095344.2e8db744@localhost> Content-Type: text/plain; charset=ISO-8859-1; format=flowed Content-Transfer-Encoding: 7bit Content-Disposition: inline X-Content-Filtered-By: Mailman/MimeDel 2.1.5 Subject: Re: geli resilience to power outages X-BeenThere: freebsd-questions@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: User questions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 30 May 2006 11:36:40 -0000 On 5/30/06, Norberto Meijome wrote: > > On Mon, 29 May 2006 16:31:38 +0000 > "Iantcho Vassilev" wrote: > > > On 5/29/06, Norberto Meijome wrote: > > > > > > On Mon, 29 May 2006 14:43:46 +0300 > > > "Iantcho Vassilev" wrote: > > > > > > > DO someone know if and how GELI is resilience to power outages? > > > > > > > > Does the box is still encrypted? After reboot what would happen to > fcsk? > > > > > > Hi Iantcho , > > > I dont know for a fact the effect with a power outage, but I use it > quite > > > a lot > > > on laptops (which a) freeze sometimes out of nowhere , and b) > sometimes > > > dont > > > resume properly,). In both situations, I've usually had geli mounted > > > disks (1 > > > x 6 GB, 1 x 500 MB) running when the events happened. ( as well as a 4 > GB > > > swap > > > which is also GELI backed) > > > > > > They (touch wood) haven't suffered data loss. /usr and /var seem be > more > > > affected by this ungraceful shutdowns than the .eli devices. > > > > > > I suppose it's all cool thanks to soft-updates, and the fact that GELI > > > encrypts > > > on a per block basis (yeah, no more pgp-busted disks like in Windows > :) ). > > > > > > good luck, > > > Beto > > > > > > Thanks for the input,Beto.. > > > > As i didn`t read the GELI "workbook" > definitely read man geli , man geom_geli, and the handbook section...and > play > with it until you feel comfortable with it. > > > can you tell be can i convert existing > > partition in GELI or i should repartition? > > depends what you want to do. If you want to create a file-backed GELI > encrypted > file (similar to a PGP Disk in Windows), then you dont need to touch your > partitions at all - simply create the file. > > If you want to have, for example, /usr encrypted, then you need, > /dev/ad0s1f.eli > instead of . /dev/ad0s1f - you dont believe you need to repartition, but > you'll > need to wipe all the data and to encrypt the device. > > Read the docs. > Beto > Thank you,Beto.. I will have a look into the documents.