Re: cryptsetup-reencrypt additional options

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 

Hi Perry,

since reencryption is a high-risk operation, you should just go via
your regular backup+restore procedure. You have one, right?

Regards,
Arno 


On Thu, Aug 03, 2017 at 06:17:46 CEST, Perry Thompson wrote:
> Hello there,
> 
> I had a quick question about the possibility of getting additional
> features added to cryptsetup-reencrypt. This may be asking for too much
> and I might be better off getting a second drive, putting LUKS on it,
> and transferring my files to it instead, but I thought I would ask
> anyways.
> 
> I have a drive with LUKS set up on it. The LUKS header is on a USB
> drive, and my data has an offset of 4096 512-byte sectors.
> 
> I was looking to encrypt a non-encrypted drive that I have on another
> machine. I was thinking of using cryptsetup-reencrypt, however because
> I have a detached header and an offset for the data, the current
> cryptsetup-reencrypt wouldn't work for me.
> 
> Would maybe adding --align-payload and --header options be something
> that might be possible? Even having a way to have it put the header at
> the start of the disk and use up those "free" 2MiB where my GPT stuff
> is, I could then manually extract the header and then overwrite it
> later.
> 
> I was just curious on thoughts about adding such options to the
> program, although now that I'm typing all of this out, I'm thinking
> that getting a second drive and copying the data to a freshly-encrypted
> drive might save me a lot of hassle.
> 
> Thank you for taking the time to read this.
> 
> _______________________________________________
> dm-crypt mailing list
> dm-crypt@xxxxxxxx
> http://www.saout.de/mailman/listinfo/dm-crypt

-- 
Arno Wagner,     Dr. sc. techn., Dipl. Inform.,    Email: arno@xxxxxxxxxxx
GnuPG: ID: CB5D9718  FP: 12D6 C03B 1B30 33BB 13CF  B774 E35C 5FA1 CB5D 9718
----
A good decision is based on knowledge and not on numbers. -- Plato

If it's in the news, don't worry about it.  The very definition of 
"news" is "something that hardly ever happens." -- Bruce Schneier
_______________________________________________
dm-crypt mailing list
dm-crypt@xxxxxxxx
http://www.saout.de/mailman/listinfo/dm-crypt
[Index of Archives]     [Device Mapper Devel]     [Fedora Desktop]     [ATA RAID]     [Fedora Marketing]     [Fedora Packaging]     [Fedora SELinux]     [Yosemite News]     [KDE Users]     [Fedora Tools]     [Fedora Docs]

  Powered by Linux