Date: Mon, 14 Jan 2008 13:11:38 +0000 From: Volker <volker@vwsoft.com> To: RW <fbsd06@mlists.homeunix.com> Cc: freebsd-geom@freebsd.org Subject: Re: Re: how-to: encryption + journaling (geli + gjournal) Message-ID: <478B5F8A.7090408@vwsoft.com> In-Reply-To: <20080114011412.33a91fac@gumby.homeunix.com.> References: <478A93BF.4070404@vwsoft.com> <20080114011412.33a91fac@gumby.homeunix.com.>
next in thread | previous in thread | raw e-mail | index | archive | help
On 12/23/-58 19:59, RW wrote: > On Sun, 13 Jan 2008 23:42:07 +0100 > Volker <volker@vwsoft.com> wrote: > >> For the archives (as I haven't found a nice how-to on this topic): >> >> A short how-to to get geli + gjournal running smoothly (the lazy way, >> depending mostly on OS infrastructure, no script hacking needed). >> >> - set up your geli provider: >> geli load >> geli init /dev/ad0s1d # check geli(8) for this >> geli attach /dev/ad0s1d >> dd if=/dev/random of=/dev/ad0s1d.eli bs=1m # (use higher values bs=... >> for faster operation) > > It would probably be faster to fill /dev/ad0s1d from /dev/random before > doing the geli init - there's no point in encrypting the random numbers. > It would also ensure that the whole of ad0s1d is pre-filled, and not > just the part accessible as ad0s1d.eli. If you think it doesn't make sense or is a fault, please file a PR as filling the data provider with random data has been taken from the manpage geli(8). Otherwise I'm considering this being a bike shed. If you know it better, I'm wondering why you haven't written a how to in the past?
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?478B5F8A.7090408>