On 12.12.2014 13:11, Arno Wagner wrote: > On Thu, Dec 11, 2014 at 23:04:53 CET, Matthias Schniedermeyer wrote: > > On 11.12.2014 18:30, Sayler, Craig A. (AFRC-MI)[InuTeq, LLC] wrote: > > > Is there a way to decrypt a drive permanently with out reinstalling? > > > > Yes. > > > > But the much safer way is: > > Backup, make a new filesystem on the previous backing-device & Restore > > from backup. > > > > > > The unsafe(!) 'inplace' method (that as an advantage doesn't need > > additional storage): > > Just open the container normally, 'dd' the mapped container over the > > backing device and pray that process isn't interruped. Because it will > > be a huge PITA if it gets interruped. > > > > > > But don't risk it, Backup & Restore is the way this should be done. > > Interesting approach! Should work though. But you are right that this > is very high risk. Standard Unix methodology, i would say. I did something similar, in reverse (unencrypred -> encrypted), some years ago. Altough i wrote me a script that did the work in steps, so i could resume it if it ever got interrupted. (Better safe than sorry. In the end it wasn't interupted. But that's Murphy's Law: If you are prepared, nothing will happen.) The script did something like this: for each block do copy source to other stable storage fsync update state information fsync copy block from other stable storage to target fsync update state information fsync done The detour is necessary to recover from a partial copy in the last step, otherwise you would need to determine the exact spot (and hope the HDD didn't do a partial sector write) to restart the process. -- Matthias _______________________________________________ dm-crypt mailing list dm-crypt@xxxxxxxx http://www.saout.de/mailman/listinfo/dm-crypt
