On 1/27/19 6:47 PM, Wolfgang Pfeiffer wrote:
On Sun, Jan 27, 2019 at 10:44:52PM +0000, Patrick O'Callaghan wrote:
If it's not being read and rewritten, it's not being encrypted.
Yes, something like that is what I suspect: The actual data on disk
would be left untouched when the *disk/partition* is encrypted. I had
a look through documents explaining luks, and again and again the
topic is "disk" encryption, not "data" encryption. So maybe all that
happens is that - to use a picture - a high security prison (some sort
of crypto layer) is built around the data on disk, while leaving the
actual data untouched, and non-encrypted.
In other words: It seems the file system is encrypted, not the data:
see the already mentioned FAQ: "Create the LUKS container" - at the
end of the section: "Done. You can now use the encrypted file system
to store data"
From your first message where you described this, the first part is
setting up the container. That doesn't encrypt any data at first, only
when something is written does it get encrypted. Further down in your
email, you describe the command of writing /dev/zero to the encrypted
disk container. That is what writes the "random" data to the disk and
would not require reading first. But in any case, as has already been
mentioned multiple times, this still is not going to be faster than
using /dev/urandom.
_______________________________________________
users mailing list -- users@xxxxxxxxxxxxxxxxxxxxxxx
To unsubscribe send an email to users-leave@xxxxxxxxxxxxxxxxxxxxxxx
Fedora Code of Conduct: https://getfedora.org/code-of-conduct.html
List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines
List Archives: https://lists.fedoraproject.org/archives/list/users@xxxxxxxxxxxxxxxxxxxxxxx
