Encrypted slice with geli
Modulok
modulok at gmail.com
Mon Apr 20 20:17:41 UTC 2009
On 4/20/09, Bernt Hansson <bernt at bah.homeip.net> wrote:
> Hello list!
>
> I was thinking of makeing a slice encrypted with geli.
>
> My question is: does geli init -s 4096 /dev/ad* erase the data on the
> slice. The handbook didn't say yes or no, and I don't want to try
> without asking.
Short answer: Yes, it will blow away your data. It will make any data
which previously lived in the slice inaccessible. Only do this on an
empty
slice.
Cryptographically speaking: No, the majority of your data still exists as
magnetic signatures on the physical disk. (Though is not directly accessible.)
If your intent was to securely and irrevocably destroy the data on a slice,
the command you showed will not do that.
-Modulok-
More information about the freebsd-questions
mailing list