[dm-crypt] Avoiding fsck.ext4 destruction of crypto_luks data

Arno Wagner arno at wagner.name
Sat Dec 29 12:52:22 CET 2012


On Sat, Dec 29, 2012 at 10:05:12AM +0100, Milan Broz wrote:
> On 12/29/2012 08:06 AM, Arno Wagner wrote:
> > On Fri, Dec 28, 2012 at 08:22:25PM +0100, Milan Broz wrote:
> 
> > Ext2 superblock signatures are all not wiped. Test I ran:
> 
> Backup signatures should not be problem, (from the fsck problem
> POV, not from security/old data on disk POV of course).
> 
> Tools screams a lot if you want to use these only and primary
> signature is missing.

Yes, they should. I don't see this as a real problem.
 
> Anyway, for wiping signature please suggest wipefs(8),
> this tool is designed to wipe all known signatures.

Added. I also give long wipe instructions, but have now
wipefs as fast one.

Arno



> (I am trying to avoid linking cryptsetup to libblkid, but
> if this happens some time in future, cryptsetup can call wipefs
> directly.)
> 
> IOW
>  wipefs -a <device>
> 
> should destroy all known signatures to blkid
> (by minimalistic writes, this is not full device
> wipe, so it is very quick).
> 
> Milan
> _______________________________________________
> dm-crypt mailing list
> dm-crypt at saout.de
> http://www.saout.de/mailman/listinfo/dm-crypt

-- 
Arno Wagner,     Dr. sc. techn., Dipl. Inform.,    Email: arno at wagner.name
GnuPG: ID: CB5D9718  FP: 12D6 C03B 1B30 33BB 13CF  B774 E35C 5FA1 CB5D 9718
----
One of the painful things about our time is that those who feel certainty
are stupid, and those with any imagination and understanding are filled
with doubt and indecision. -- Bertrand Russell


More information about the dm-crypt mailing list