From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: from mail.saout.de ([127.0.0.1]) by localhost (mail.saout.de [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id sVdGY9pDR6bj for ; Sat, 29 Dec 2012 10:05:17 +0100 (CET) Received: from mail-ea0-f177.google.com (mail-ea0-f177.google.com [209.85.215.177]) (using TLSv1 with cipher ECDHE-RSA-RC4-SHA (128/128 bits)) (No client certificate requested) by mail.saout.de (Postfix) with ESMTPS for ; Sat, 29 Dec 2012 10:05:17 +0100 (CET) Received: by mail-ea0-f177.google.com with SMTP id c10so4489500eaa.8 for ; Sat, 29 Dec 2012 01:05:16 -0800 (PST) Message-ID: <50DEB248.9040106@gmail.com> Date: Sat, 29 Dec 2012 10:05:12 +0100 From: Milan Broz MIME-Version: 1.0 References: <20121227095229.GA9356@tansi.org> <20121228150430.GA17491@tansi.org> <50DDF171.1080807@gmail.com> <20121229070619.GA21827@tansi.org> In-Reply-To: <20121229070619.GA21827@tansi.org> Content-Type: text/plain; charset=ISO-8859-1 Content-Transfer-Encoding: 7bit Subject: Re: [dm-crypt] Avoiding fsck.ext4 destruction of crypto_luks data List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , To: dm-crypt On 12/29/2012 08:06 AM, Arno Wagner wrote: > On Fri, Dec 28, 2012 at 08:22:25PM +0100, Milan Broz wrote: > Ext2 superblock signatures are all not wiped. Test I ran: Backup signatures should not be problem, (from the fsck problem POV, not from security/old data on disk POV of course). Tools screams a lot if you want to use these only and primary signature is missing. Anyway, for wiping signature please suggest wipefs(8), this tool is designed to wipe all known signatures. (I am trying to avoid linking cryptsetup to libblkid, but if this happens some time in future, cryptsetup can call wipefs directly.) IOW wipefs -a should destroy all known signatures to blkid (by minimalistic writes, this is not full device wipe, so it is very quick). Milan