[dm-crypt] Filling a disk with random data - use a hige bs= to speed it up

Chris Drake Tech at CryptoPhoto.com
Wed Mar 19 00:41:07 CET 2014

Hi Robert,

Remember to use a sensible bs= parameter on "dd" - maybe bs=8225280
instead of bs=4096 - writing one-block-at-a-time (bs=4096) would take
*days* (weeks even!) to fill a modern large drive!

Kind Regards,
Chris Drake
p.s. 8225280 is one whole track on older drives.

Wednesday, March 19, 2014, 8:20:47 AM, you wrote:

RN> On 03/17/2014 09:33 PM, Arno Wagner wrote:
>> On Mon, Mar 17, 2014 at 19:55:05 CET, Cpp wrote:
>>> # cryptsetup -c aes-xts-plain64 -h sha512 -s 512 -d /dev/urandom open
>>> /dev/sda --type plain cryptroot
>> Make ist easier on you, the defaults are really quite enough:
>> # cryptsetup create -d /dev/urandom /dev/sda cryptroot
>>> # dd if=/dev/zero of=/dev/mapper/cryptroot bs=4096
>>> My question is are there any serious drawbacks of using this method in
>>> place of the urandom one?
>> None.

RN> Glad to hear it, since I've been doing that all along.  If you happen
RN> to be doing this with an old cryptsetup, you want to select an IV
RN> that does not repeat on a large volume.  This, for example would be
RN> a poor choice (from cryptsetup 1.1.3):

RN>    Default compiled-in device cipher parameters:
RN>        plain: aes-cbc-plain, Key: 256 bits, Password hashing: ripemd160

More information about the dm-crypt mailing list