[dm-crypt] Filling a disk with random data - use a hige bs= to speed it up
Tech at CryptoPhoto.com
Wed Mar 19 00:41:07 CET 2014
Remember to use a sensible bs= parameter on "dd" - maybe bs=8225280
instead of bs=4096 - writing one-block-at-a-time (bs=4096) would take
*days* (weeks even!) to fill a modern large drive!
p.s. 8225280 is one whole track on older drives.
Wednesday, March 19, 2014, 8:20:47 AM, you wrote:
RN> On 03/17/2014 09:33 PM, Arno Wagner wrote:
>> On Mon, Mar 17, 2014 at 19:55:05 CET, Cpp wrote:
>>> # cryptsetup -c aes-xts-plain64 -h sha512 -s 512 -d /dev/urandom open
>>> /dev/sda --type plain cryptroot
>> Make ist easier on you, the defaults are really quite enough:
>> # cryptsetup create -d /dev/urandom /dev/sda cryptroot
>>> # dd if=/dev/zero of=/dev/mapper/cryptroot bs=4096
>>> My question is are there any serious drawbacks of using this method in
>>> place of the urandom one?
RN> Glad to hear it, since I've been doing that all along. If you happen
RN> to be doing this with an old cryptsetup, you want to select an IV
RN> that does not repeat on a large volume. This, for example would be
RN> a poor choice (from cryptsetup 1.1.3):
RN> Default compiled-in device cipher parameters:
RN> plain: aes-cbc-plain, Key: 256 bits, Password hashing: ripemd160
More information about the dm-crypt