From owner-freebsd-questions@FreeBSD.ORG Fri Dec 15 14:46:49 2006 Return-Path: X-Original-To: freebsd-questions@freebsd.org Delivered-To: freebsd-questions@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [69.147.83.52]) by hub.freebsd.org (Postfix) with ESMTP id 75E7916A407 for ; Fri, 15 Dec 2006 14:46:49 +0000 (UTC) (envelope-from freebsd-listen@fabiankeil.de) Received: from smtprelay05.ispgateway.de (smtprelay05.ispgateway.de [80.67.18.43]) by mx1.FreeBSD.org (Postfix) with ESMTP id 54E4743CA3 for ; Fri, 15 Dec 2006 14:44:47 +0000 (GMT) (envelope-from freebsd-listen@fabiankeil.de) Received: (qmail 7734 invoked from network); 15 Dec 2006 14:46:27 -0000 Received: from unknown (HELO localhost) (775067@[217.50.145.128]) (envelope-sender ) by smtprelay05.ispgateway.de (qmail-ldap-1.03) with SMTP for ; 15 Dec 2006 14:46:27 -0000 Date: Fri, 15 Dec 2006 15:46:11 +0100 From: Fabian Keil To: freebsd-questions@freebsd.org Message-ID: <20061215154611.4ea2275c@localhost> In-Reply-To: <17489c7a0612140525i46b19403k96ac866be59ca951@mail.gmail.com> References: <457C686E.5050504@locolomo.org> <20061214132434.5ac20b82@localhost> <17489c7a0612140525i46b19403k96ac866be59ca951@mail.gmail.com> X-Mailer: Sylpheed-Claws 2.5.2 (GTK+ 2.10.6; i386-portbld-freebsd6.2) X-PGP-KEY-URL: http://www.fabiankeil.de/gpg-keys/freebsd-listen-2008-08-18.asc Mime-Version: 1.0 Content-Type: multipart/signed; boundary=Sig_U6cDDYhNom4Z0Qwjf23pl3A; protocol="application/pgp-signature"; micalg=PGP-SHA1 Subject: Re: How safe is encrypted disks? (data integrity) X-BeenThere: freebsd-questions@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: User questions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Fri, 15 Dec 2006 14:46:49 -0000 --Sig_U6cDDYhNom4Z0Qwjf23pl3A Content-Type: text/plain; charset=US-ASCII Content-Transfer-Encoding: quoted-printable "Chad Gross" wrote: > On 12/14/06, Fabian Keil wrote: > > > > Erik Norgaard wrote: > > > > > I have been thinking to make /home on my laptop encrypted - seems lik= e a > > > good idea if it gets stolen. Now, how safe is this? Not in terms of t= he > > > strength of the encryption algorithm, but in terms of integrity. > > > What happens in case of power failure, the battery runs out or system > > > crashes for whatever reason? > > > > I have my home slice encrypted with GELI for several month now > > and so far I didn't notice any effects on the data integrity. > > > > I experienced several system crashes and one or two power failures > > do to empty battery but I didn't lose any data already saved > > on the disk (that I know of). > > > > The only inconvenience is that the system boots to single-user > > mode if the home slice isn't clean and I then have to fsck it > > manually. > > > > At that point the password for the key is already entered, > > so I'm not sure why the slice can't be fscked automatically. > > It could be the .eli extension, but I didn't investigate this > > any further. > Yes the manual fsck is a pain. I am not sure why it has to be done manual= ly > either, but I don't think it is just the .eli extension. Did you notice = you > have to specify that it is UFS as well? Yes, I forgot to mention it because I now always call fsck_ffs directly. I guess this could also explain why it has to be done manually. Fabian --=20 http://www.fabiankeil.de/ --Sig_U6cDDYhNom4Z0Qwjf23pl3A Content-Type: application/pgp-signature; name=signature.asc Content-Disposition: attachment; filename=signature.asc -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.6 (FreeBSD) iD8DBQFFgrU9BYqIVf93VJ0RAiFtAJ9oIhz/kOiUhbJkcON4weOzRY626ACfRZzx Co7dwvf0Rt+xDUm4Y788UGU= =uz6a -----END PGP SIGNATURE----- --Sig_U6cDDYhNom4Z0Qwjf23pl3A--