[dm-crypt] Is erasing hard disk drive mandatory?

Thomas Bastiani thom at codehawks.eu
Fri May 30 17:58:20 CEST 2014


On 05/30/14 16:17, Stephen Cousins wrote:
> Hi Heinz,
> 
> I agree. The field, by it's very nature, has varying levels of paranoia
> (rightly so as we are seeing these days) and this level is more than what I
> need for my purposes so I can save some time by not having to send random
> data to all of the drives during the build process.
> 
> Steve
> 

I tend to do the erase pass because it doesn't have a performance cost
on hard drives. On SSD's though, this would prevent TRIM from
functioning properly and make the SSD appear as full to the controller
which would hurt performance. So I tend to not erase SSDs with random
data before encryption. The other thing is if you TRIM NAND cells on
your SSD their contents should be unrecoverable as opposed to standard
hard-drives.

--
Thomas


More information about the dm-crypt mailing list