| View previous topic :: View next topic |
| Author |
Message |
phatfish
n00b
Joined: 25 Jan 2005
Posts: 11
|
 Posted: Wed Mar 08, 2006 11:01 pm Post subject: Preparing a hard drive for encryption. |
 |
|
Hi,
Ive setup loop-aes for HDD encryption, and the tutorial i was reading suggested that you should fill the drive with random looking data first, before writing encrypted data (Part of the loop-aes readme in fact http://loop-aes.sourceforge.net/loop-AES.README).
The command suggested was this:
dd if=/dev/zero of=/dev/loop1 bs=4k conv=notrunc 2>/dev/null
I have the encryption working fine, but i would like to encrypt some large drives, 200gig. But writing "random" data with the command above seems to take about 5hrs + for 200gig (it took about 5mins to write to a 3gig partion on my XP2000+).
I would be interested to know if anyone has a more efficient way to prepare a large HDD for encryption; or thoughts on any other methods would be appreciated.
Thanks |
|
| Back to top |
|
 |
cagezero
Tux's lil' helper
Joined: 19 Dec 2005
Posts: 81
|
| Posted: Wed Mar 08, 2006 11:11 pm Post subject: |
|
|
i am not sure about other methods for preparing your disk for encryption.
However, just as a note, i am pretty sure the command you posted writes zeros and not
random data to your drive.
for random (or in this case pseudo random) data you need to:
| Code: | | dd if=/dev/urandom of=/dev/${your drive} |
|
|
| Back to top |
|
|
phatfish
n00b
Joined: 25 Jan 2005
Posts: 11
|
| Posted: Wed Mar 08, 2006 11:25 pm Post subject: |
|
|
Yeah sorry thats right, this is what i should have posted:
| Code: |
Fill the partition with random looking data. "dd" command may take a while to execute if partition is large.
head -c 15 /dev/urandom | uuencode -m - | head -n 2 | tail -n 1 | losetup -p 0 -e AES128 /dev/loop3 /dev/hda666
dd if=/dev/zero of=/dev/loop3 bs=4k conv=notrunc 2>/dev/null
losetup -d /dev/loop3
|
That is what is suggested in the the readme. I assume that the process is actually needed, i take the suggestions in the readme to be from people who know far more about this than me  |
|
| Back to top |
|
|
cagezero
Tux's lil' helper
Joined: 19 Dec 2005
Posts: 81
|
| Posted: Wed Mar 08, 2006 11:29 pm Post subject: |
|
|
cool  |
|
| Back to top |
|
|
phatfish
n00b
Joined: 25 Jan 2005
Posts: 11
|
| Posted: Thu Mar 09, 2006 5:17 pm Post subject: |
|
|
Well it's not that cool since it takes 5hrs to execute the command.
Anyone with any ideas on the questions i mentioned in the first post are appreciated.
Thanks |
|
| Back to top |
|
|
davidblewett
Apprentice
Joined: 15 Feb 2004
Posts: 274
Location: Indiana
|
| Posted: Thu Mar 09, 2006 8:00 pm Post subject: |
|
|
From what I've read, just writing zeros or random data in one pass is not enough. When I prepped my encrypted volume, I used a utility that shredded the free space according to Peter Gutmann's recommendations (can be found here: http://www.cs.auckland.ac.nz/~pgut001/pubs/secure_del.html). This basically does 35 passes using different writing techniques. Basically, once data has been written to a hard drive there is no guarantee that it can't be resurrected due to the mechanics involved. To do a ~20 gig drive took about 3 or 4 hours if I remember right.
As far as your original question goes, it can't really be sped up. If your IDE drivers are all set to their best performance settings, that's all you can do using the commands you posted.
_________________
No guilt in life, no fear in death
this is the power of Christ in me
From lifes first cry to final breath
Jesus commands my destiny
-- Newsboys, "In Christ Alone", "Adoration: The Worship Album" |
|
| Back to top |
|
|
phatfish
n00b
Joined: 25 Jan 2005
Posts: 11
|
| Posted: Fri Mar 10, 2006 2:22 pm Post subject: |
|
|
Thanks a lot david, thats all i wanted to know really is whether i was doing it the fastest way. If it can't be sped up ill just have to wait. Ill check out the link you mentioned to.
Thanks |
|
| Back to top |
|
|
|
Networking & Security
