On Tue, Sep 20, 2011 at 08:36:58PM +1000, Robbie Smith wrote: [...] > What are some potential worst-case scenarios? i.e. the system had a hard > reset, either because the power got cut or (somehow) an application > brought the system to a complete halt? How would this affect the > encryption, and could it result in total data loss? The encryption can be established as long as the header and at least on ekeyslot are intact. If you cut the power just in the microsecond while a keyslot is written you would damage that keyslot. If it was your only one and you do not have a header backup, then you would have total data loss. That is the only scenario I can think of. In normal operation, the header is not written. With an SSD, things are a bit different. Due to the large internal sector size, the header can be in a sector that also has data that gets rewritten in it. As sectors are always written completely, the header then is at risk whenever that data gets rewritten. Also keep in mind that HDDs have about a 5%/year rate of failure (even if some vendors claim 0.5%, but that is under perfect conditions). A backup of the data is non-optional. The header-backup is just an additional precaution. > The FAQ makes mention that the most frequent cause of data loss is > either losing access to the keys or somehow corrupting the LUKS header. > The former I can understand, and "common" sense would dictate to have a > couple of backup keys in secure locations. I am at a loss though as to > how someone could unintentionally corrupt the header though. This is from observations on the mailing-list. It happens pretty often. And most people are surprised by it. > I'm inclined to set up my system with /boot and a LUKS partition, and > then use LVM inside that, so if I decide to rearrange virtual partitions > I won't run the risk of messing up the LUKS header. This also seems like > the simplest setup. Keep in mind that LVM adds to the complexity when you have to do data recovery when something went wrong. Other that that it sounds like a good approach. > (I keep daily backups of $HOME and of essential system settings, the > rest can be reinstalled if needed, but I'd prefer not to have to spend a > few days recovering everything if I had a hard reset or something like > that.) You will not damage the encrypted data in normal operation. All the header-damages reported were done during installation, repartitioning, moving partitions, etc. Arno -- Arno Wagner, Dr. sc. techn., Dipl. Inform., CISSP -- Email: arno@xxxxxxxxxxx GnuPG: ID: 1E25338F FP: 0C30 5782 9D93 F785 E79C 0296 797F 6B50 1E25 338F ---- Cuddly UI's are the manifestation of wishful thinking. -- Dylan Evans If it's in the news, don't worry about it. The very definition of "news" is "something that hardly ever happens." -- Bruce Schneier _______________________________________________ dm-crypt mailing list dm-crypt@xxxxxxxx http://www.saout.de/mailman/listinfo/dm-crypt
