Date: Tue, 30 May 2006 09:53:44 +1000 From: Norberto Meijome <freebsd@meijome.net> To: "Iantcho Vassilev" <ianchov@gmail.com> Cc: FreeBSD Mailing List <freebsd-questions@freebsd.org> Subject: Re: geli resilience to power outages Message-ID: <20060530095344.2e8db744@localhost> In-Reply-To: <18e02bd30605290931i6fb55892h634b55201b50d60f@mail.gmail.com> References: <18e02bd30605290443p36f3859bt1359ca75d1c896ce@mail.gmail.com> <20060529231524.0f76b3ba@localhost> <18e02bd30605290931i6fb55892h634b55201b50d60f@mail.gmail.com>
next in thread | previous in thread | raw e-mail | index | archive | help
On Mon, 29 May 2006 16:31:38 +0000 "Iantcho Vassilev" <ianchov@gmail.com> wrote: > On 5/29/06, Norberto Meijome <freebsd@meijome.net> wrote: > > > > On Mon, 29 May 2006 14:43:46 +0300 > > "Iantcho Vassilev" <ianchov@gmail.com> wrote: > > > > > DO someone know if and how GELI is resilience to power outages? > > > > > > Does the box is still encrypted? After reboot what would happen to fcsk? > > > > Hi Iantcho , > > I dont know for a fact the effect with a power outage, but I use it quite > > a lot > > on laptops (which a) freeze sometimes out of nowhere , and b) sometimes > > dont > > resume properly,). In both situations, I've usually had geli mounted > > disks (1 > > x 6 GB, 1 x 500 MB) running when the events happened. ( as well as a 4 GB > > swap > > which is also GELI backed) > > > > They (touch wood) haven't suffered data loss. /usr and /var seem be more > > affected by this ungraceful shutdowns than the .eli devices. > > > > I suppose it's all cool thanks to soft-updates, and the fact that GELI > > encrypts > > on a per block basis (yeah, no more pgp-busted disks like in Windows :) ). > > > > good luck, > > Beto > > > Thanks for the input,Beto.. > > As i didn`t read the GELI "workbook" definitely read man geli , man geom_geli, and the handbook section...and play with it until you feel comfortable with it. > can you tell be can i convert existing > partition in GELI or i should repartition? depends what you want to do. If you want to create a file-backed GELI encrypted file (similar to a PGP Disk in Windows), then you dont need to touch your partitions at all - simply create the file. If you want to have, for example, /usr encrypted, then you need, /dev/ad0s1f.eli instead of . /dev/ad0s1f - you dont believe you need to repartition, but you'll need to wipe all the data and to encrypt the device. Read the docs. Beto
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20060530095344.2e8db744>