Preparing a hard drive for encryption.

[phatfish]

Hi,

Ive setup loop-aes for HDD encryption, and the tutorial i was reading suggested that you should fill the drive with random looking data first, before writing encrypted data (Part of the loop-aes readme in fact http://loop-aes.sourceforge.net/loop-AES.README).

The command suggested was this:

dd if=/dev/zero of=/dev/loop1 bs=4k conv=notrunc 2>/dev/null

I have the encryption working fine, but i would like to encrypt some large drives, 200gig. But writing "random" data with the command above seems to take about 5hrs + for 200gig (it took about 5mins to write to a 3gig partion on my XP2000+).

I would be interested to know if anyone has a more efficient way to prepare a large HDD for encryption; or thoughts on any other methods would be appreciated.

Thanks

[cagezero]

i am not sure about other methods for preparing your disk for encryption.
However, just as a note, i am pretty sure the command you posted writes zeros and not
random data to your drive.
for random (or in this case pseudo random) data you need to:

Code: Select all

dd if=/dev/urandom of=/dev/${your drive}

[phatfish]

Yeah sorry thats right, this is what i should have posted:

Code: Select all

Fill the partition with random looking data. "dd" command may take a while to execute if partition is large.

head -c 15 /dev/urandom | uuencode -m - | head -n 2 | tail -n 1 | losetup -p 0 -e AES128 /dev/loop3 /dev/hda666
dd if=/dev/zero of=/dev/loop3 bs=4k conv=notrunc 2>/dev/null
losetup -d /dev/loop3

That is what is suggested in the the readme. I assume that the process is actually needed, i take the suggestions in the readme to be from people who know far more about this than me

[cagezero]

cool

[phatfish]

Well it's not that cool since it takes 5hrs to execute the command.

Anyone with any ideas on the questions i mentioned in the first post are appreciated.

Thanks

[davidblewett]

From what I've read, just writing zeros or random data in one pass is not enough. When I prepped my encrypted volume, I used a utility that shredded the free space according to Peter Gutmann's recommendations (can be found here: http://www.cs.auckland.ac.nz/~pgut001/p ... e_del.html). This basically does 35 passes using different writing techniques. Basically, once data has been written to a hard drive there is no guarantee that it can't be resurrected due to the mechanics involved. To do a ~20 gig drive took about 3 or 4 hours if I remember right.

As far as your original question goes, it can't really be sped up. If your IDE drivers are all set to their best performance settings, that's all you can do using the commands you posted.

[phatfish]

Thanks a lot david, thats all i wanted to know really is whether i was doing it the fastest way. If it can't be sped up ill just have to wait. Ill check out the link you mentioned to.

Thanks