View previous topic :: View next topic |
Author |
Message |
porgy n00b
Joined: 08 Dec 2011 Posts: 4
|
Posted: Thu Dec 08, 2011 7:32 pm Post subject: SSD, dmcrypt, pam_mount, allow-discards |
|
|
Hello,
I finally managed to get my encrypted ssd partition mounted via pam_mount. There is only one thing missing: the new discard-option which was introduced in kernel 3.1 and cryptsetup 1.4.
I can successfully use that manually but didn't find any way to use in pam_mount.
Code: | cryptsetup luksOpen --allow-discards /dev/sdaX <MAPPERDEV> |
Is there any way to do that in /etc/security/pam_mount.conf.xml or where do I need to edit?
Thanks and best regards
porgy |
|
Back to top |
|
|
krinn Watchman
Joined: 02 May 2003 Posts: 7470
|
Posted: Fri Dec 09, 2011 3:28 pm Post subject: |
|
|
You are aware encrypting datas is not compressing datas ?
Because most (i won't say all, but i think that) encryption higher the datas size, and any bit change in datas will trigger re-encryption of datas.
Using encryption with SSD is then an action that should only be made by crazy users, or rich ones.
I'm sorry i don't have your answer for your question, but if i could let you save some bucks. |
|
Back to top |
|
|
porgy n00b
Joined: 08 Dec 2011 Posts: 4
|
|
Back to top |
|
|
czernitko n00b
Joined: 06 Jun 2012 Posts: 2
|
Posted: Sat Jan 12, 2013 3:16 pm Post subject: |
|
|
I know that I am posting to an old thread, but since I am solving the same issue, this might help someone:
http://sourceforge.net/tracker/?func=detail&aid=3475297&group_id=41452&atid=430596
According to the author of this patch for pam_mount module, TRIM should be enabled simply by passing discard mount option.
Code: | <volume user="user" mountpoint="/home" path="/dev/sda3" fstype="crypt"
options="defaults,noatime,discard,space_cache,ssd_spread,inode_cache,recovery,compress=lzo"
/> |
This should be sufficient - if pam_mount detects the "discard" option, it should add --allow-discards to cryptsetup call.
PS: this is for really simple use case of having sda3 with LUKS/AES-XTS/Btrfs partition containing my user folder. I am the only user of this laptop, so this is the most appropriate scenario for me.
PS2: The patch was commited in January 2012 (after this thread was started), but I am not sure since which version of pam_mount the patch is incorporated. |
|
Back to top |
|
|
|
|
You cannot post new topics in this forum You cannot reply to topics in this forum You cannot edit your posts in this forum You cannot delete your posts in this forum You cannot vote in polls in this forum
|
|