How safe is encrypted disks? (data integrity)

Fabian Keil freebsd-listen at
Fri Dec 15 06:46:49 PST 2006

"Chad Gross" <avatar4d at> wrote:

> On 12/14/06, Fabian Keil <freebsd-listen at> wrote:
> >
> > Erik Norgaard <norgaard at> wrote:
> >
> > > I have been thinking to make /home on my laptop encrypted - seems like a
> > > good idea if it gets stolen. Now, how safe is this? Not in terms of the
> > > strength of the encryption algorithm, but in terms of integrity.

> > > What happens in case of power failure, the battery runs out or system
> > > crashes for whatever reason?
> >
> > I have my home slice encrypted with GELI for several month now
> > and so far I didn't notice any effects on the data integrity.
> >
> > I experienced several system crashes and one or two power failures
> > do to empty battery but I didn't lose any data already saved
> > on the disk (that I know of).
> >
> > The only inconvenience is that the system boots to single-user
> > mode if the home slice isn't clean and I then have to fsck it
> > manually.
> >
> > At that point the password for the key is already entered,
> > so I'm not sure why the slice can't be fscked automatically.
> > It could be the .eli extension, but I didn't investigate this
> > any further.

> Yes the manual fsck is a pain. I am not sure why it has to be done manually
> either, but I don't think it is just the .eli extension.  Did you notice you
> have to specify that it is UFS as well?

Yes, I forgot to mention it because I now always call fsck_ffs directly.
I guess this could also explain why it has to be done manually.

-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 187 bytes
Desc: not available
Url :

More information about the freebsd-questions mailing list