From: "shmick@riseup.net" <shmick@riseup.net>
To: Ondrej Kozina <okozina@redhat.com>, dm-crypt@saout.de
Subject: Re: [dm-crypt] re-format existing luks partition
Date: Fri, 22 Nov 2013 22:49:43 +1100 [thread overview]
Message-ID: <528F44D7.70604@riseup.net> (raw)
In-Reply-To: <528F330C.7090407@redhat.com>
Ondrej Kozina:
> On 11/22/2013 09:26 AM, shmick@riseup.net wrote:
>> can i re-format an existing luks partition (as the same /dev/sda[x] and
>> simply re-copy an fsarchive operating system backup straight to it
>> without anything further required ?
>
> There's an offline cryptsetup-reencrypt tool in cryptsetup 1.5.0 and
> later. It's really offline so the device needs to umnouted before
> reencrypting.
>
> Also you should consider shrinking the filesystem residing on the luks
> device (and after that also the device) before actual reencryption. It
> makes reencryption sector-by-sector no matter if it is used by
> filessytem or not.
thank you for the advice
>
> Also there are some fixes ready for reencryption tool on the way so you
> may be also interested waiting for 1.6.3 release in coming weeks.
i shall wait around for some updates
just finally as an aside, is this method truly safe compared to starting
again ?
is there any peer review of cryptsetup's operation as a whole similarly
like truecrypt had by a german organisation a few years back ?
>
> Regards
> Ondrej
> _______________________________________________
> dm-crypt mailing list
> dm-crypt@saout.de
> http://www.saout.de/mailman/listinfo/dm-crypt
>
next prev parent reply other threads:[~2013-11-22 11:50 UTC|newest]
Thread overview: 7+ messages / expand[flat|nested] mbox.gz Atom feed top
2013-11-22 8:26 [dm-crypt] re-format existing luks partition shmick
2013-11-22 10:33 ` Ondrej Kozina
2013-11-22 11:49 ` shmick [this message]
2013-11-22 14:19 ` Robert Nichols
2013-11-22 15:33 ` Arno Wagner
2013-11-26 12:06 ` [dm-crypt] open ext-2/3/4 luks container, ext2fsd + FreeOTFE in Windows shmick
2013-11-26 12:34 ` Milan Broz
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=528F44D7.70604@riseup.net \
--to=shmick@riseup.net \
--cc=dm-crypt@saout.de \
--cc=okozina@redhat.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox