GELI encryption and HDD critical temperature

Brent Jones brent.jones at
Thu Feb 21 20:00:39 UTC 2008

> -----Original Message-----
> From: owner-freebsd-questions at 
> [mailto:owner-freebsd-questions at] On Behalf Of cpghost
> Sent: Thursday, 21 February 2008 11:42 p.m.
> To: s.g.
> Cc: freebsd-questions at
> Subject: Re: GELI encryption and HDD critical temperature
> On Tue, Feb 19, 2008 at 11:41:18AM +0300, s.g. wrote:
> > According to smartctl -a, the temperature of the encrypted 
> drives is ~59C. 
> > The temperature of the unencrypted drive is, however,  
> ~41C, according to 
> > the same smartctl -a.
> I don't know. But I've noticed that when drives access GBDE-encrypted
> partitions (I didn't try with GELI yet), they are much louder (head
> seeking). It seems they seek more often on encrypted than 
> non-encrypted
> partitions. Perhaps caching is turned off at some point up the chain?
> If that's the case, it is no wonder that encrypted partitions tend to
> result in higher drive temps (and faster drive wear).

It was explained by another poster, I don't remember when or by whom,
that GBDE writes sectors to disk in a pseudorandom fashion to make
cryptanalysis more difficult.  This would explain the seeking/noise on a
GBDE disk.

A question I have which is related to all of this:  Does GELI write
sectors in this pseudorandom fashion as well?  And, if so is there a way
to turn this off so that things are written contiguously?  This could be
useful for those wishing to encrypt things for most "normal" threats,
such as your teenage neighbour breaking into your house and stealing
your bitchin computer, while minimising the performance hit of
pseudorandom sector writes.


More information about the freebsd-questions mailing list