Hello, I noticed a lot of online articles recommend to overwrite your hard disk with random data before creating an encryption volume on it. Normally this is done by: # dd if=/dev/urandom of=/dev/sda bs=4096 This will of course take a while, and there is also the badblocks alternative. However recently I've seen another approach that uses an encrypted (non-luks) container that is later filled with blank data. It's said that this approach is much faster than the urandom method above. I haven't used this yet, so I hope I got the command line right: # cryptsetup -c aes-xts-plain64 -h sha512 -s 512 -d /dev/urandom open /dev/sda --type plain cryptroot # dd if=/dev/zero of=/dev/mapper/cryptroot bs=4096 My question is are there any serious drawbacks of using this method in place of the urandom one? Best regards! _______________________________________________ dm-crypt mailing list dm-crypt@xxxxxxxx http://www.saout.de/mailman/listinfo/dm-crypt
