From: "B. S." <bs27975@gmail.com>
To: linux-btrfs@vger.kernel.org
Subject: Pointers to mirroring partitions (w/ encryption?) help?
Date: Fri, 03 Jun 2016 16:30:10 -0400 [thread overview]
Message-ID: <5751E8D2.7070001@gmail.com> (raw)
Hallo. I'm continuing on sinking in to btrfs, so pointers to concise
help articles appreciated. I've got a couple new home systems, so
perhaps it's time to investigate encryption, and given the bit rot I've
seen here, perhaps time to mirror volumes so the wonderful btrfs
self-healing facilities can be taken advantage of.
Problem with today's hard drives, a quick look at Canada Computer shows
the smallest drives 500GB, 120GB SSDs, far more than the 20GB or so an
OS needs. Yet not looking to put in a 2nd HD, either. It feels like
mirroring volumes makes sense.
(EFI [partitions] also seem to be sticking their fingers in here.]
Assume a CD sized (680MB) /boot, and perhaps a 200MB (?) sized EFI
partition, it seems to me one sets up / as usual (less complex install),
then creates another partition for mirroring, later. IIUC, btrfs add
device /dev/sda4 / is appropriate, then. Then running a balance seems
recommended.
Confusing, however, is having those (both) partitions encrypted. Seems
some work is needed beforehand. But I've never done encryption. I have
come across https://github.com/gebi/keyctl_keyscript, so I understand
there will be gotchas to deal with - later. But not there yet, and not
real sure how to start.
The additional problem is most articles reference FDE (Full Disk
Encryption) - but that doesn't seem to be prudent. e.g. Unencrypted
/boot. So having problems finding concise links on the topics, -FDE
-"Full Disk Encryption".
Any good links to concise instructions on building / establishing
encrypted btrfs mirror volumes? dm_crypt seems to be the basis, and not
looking to add LVM, seems an unnecessary extra layer of complexity.
It also feels like I could mkfs.btrfs /dev/sda3 /dev/sda4, then mirror
subvolumes (or it inherently comes along for the ride?) - so my
confusion level increases. Especially if encryption is added to the mix.
So, I could take an HD, create partitions as above (how? e.g. Set up
encryption / btrfs mirror volumes), then clonezilla (?) partitions from
a current machine in. I assume mounting a live cd then cp -a from old
disk partition to new disk partition won't 'just work'. (?)
Article suggestions?
next reply other threads:[~2016-06-03 20:30 UTC|newest]
Thread overview: 8+ messages / expand[flat|nested] mbox.gz Atom feed top
2016-06-03 20:30 B. S. [this message]
2016-06-04 1:39 ` Pointers to mirroring partitions (w/ encryption?) help? Justin Brown
2016-06-04 5:33 ` B. S.
2016-06-04 7:46 ` Andrei Borzenkov
2016-06-04 17:31 ` B. S.
2016-06-04 21:14 ` Andrei Borzenkov
2016-06-04 19:05 ` Chris Murphy
2016-06-04 21:07 ` Andrei Borzenkov
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=5751E8D2.7070001@gmail.com \
--to=bs27975@gmail.com \
--cc=linux-btrfs@vger.kernel.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).