[dm-crypt] question

Arno Wagner arno at wagner.name
Sun Dec 14 21:23:30 CET 2014


On Sun, Dec 14, 2014 at 19:15:57 CET, Milan Broz wrote:
> On 12/11/2014 11:04 PM, Matthias Schniedermeyer wrote:
> > 
> > The unsafe(!) 'inplace' method (that as an advantage doesn't need 
> > additional storage):
> > Just open the container normally, 'dd' the mapped container over the 
> > backing device and pray that process isn't interruped. Because it will 
> > be a huge PITA if it gets interruped.
> 
> Just FYI...
> 
> I wonder why I did not add this option "permanently decrypt" to
> cryptsetup-reencrypt.

This was likely just too obvious. Oversights like that happen to
me too. 
 
> Reencrypt tool uses similar approach to dd just it can be safely 
> interrupted and restarted.

Difference here would be that overwriting the header area
would need to be done last and data needs to be shifted 
forward by the data-offset. Having a header-sized unused 
area at the end should be non-critical.

> Added enhancement issue for it
> https://code.google.com/p/cryptsetup/issues/detail?id=236

Excellent.

Arno


> Milan
> _______________________________________________
> dm-crypt mailing list
> dm-crypt at saout.de
> http://www.saout.de/mailman/listinfo/dm-crypt

-- 
Arno Wagner,     Dr. sc. techn., Dipl. Inform.,    Email: arno at wagner.name
GnuPG: ID: CB5D9718  FP: 12D6 C03B 1B30 33BB 13CF  B774 E35C 5FA1 CB5D 9718
----
A good decision is based on knowledge and not on numbers. -- Plato

If it's in the news, don't worry about it.  The very definition of 
"news" is "something that hardly ever happens." -- Bruce Schneier


More information about the dm-crypt mailing list