On 09/19/2011 10:45:52 AM, Robbie Smith wrote:
> How much of a load on the system would LUKS + LVM be?
> Is it likely to
> result in a noticeable drop in performance?
It all depends, but generally no because cpu is _so_ much faster
than disk these days.
> Does entering the key(s)
> at
> boot decrypt the whole volume, or just provide a means for the kernel
> module to decrypt and encrypt on-the-fly?
The latter.
>
> And… how does it work? The documentation makes mention of multiple
> key-slots; but I'm a little baffled as to how different keys can be
> used
> to decrypt the same volume. It is based on symmetric cryptography,
> isn't
> it?
Yes, but the master key is encrypted by each key, separately, and
that's what your multiple passwords decrypt.
See the tks-1 paper (iirc) referenced on the wiki for more info.
Karl <kop@xxxxxxxx>
Free Software: "You don't pay back, you pay forward."
-- Robert A. Heinlein
_______________________________________________
dm-crypt mailing list
dm-crypt@xxxxxxxx
http://www.saout.de/mailman/listinfo/dm-crypt
