Beso wrote:
2009/1/21 The Doctor <[email protected]>:
Duncan wrote:
and, if you have experiences with it, do you know what could happen
without fsck on an unsafely unmounted luks partition?
Luks I know nothing of. Someday when I get the appropriate round tuit...
I'm using LUKS on a few of my systems, though not with ReiserFS (for
reasons of secure data deletion). I could run a few tests later using
image files or USB keys and let you know how it goes.
that would be much appreciated.
I don't have too much experience with luks, but I have used crypto-loop.
I would think that the risks to a non-fsck'ed unclean filesystem would
be the same with or without the underlying encryption. However, if you
managed to hose your filesystem the extra layer of encryption certainly
wouldn't make it easier to rescue should you attempt to do so. If you
had a big enough partition lying around you could in theory just dd
if=/dev/loop# of=/dev/dest to create an unencrypted copy - which would
then be hosed in the same way as it would have been if the encryption
weren't there.
All of this assumes that luks contains no bugs. If the encryption layer
botches your data all bets are off. That happened to me with lvm - I
managed to hose half my system that way (an fsck on one logical volume
managed to hose all the other logical volumes in the same volume group).
It is a rare problem, but I'm now just running on bare md devices
(and just running on md gives me some options for expanding storage later).
