Re: disk geometry issues when trying to set up encrypted partition
Have you considered softraid crypto? Thanks for this independent advice. Looks like it works at the block device level which must be better. I must say that while the official openbsd documentation I've seen is second to none, there seems to be relatively little information out there on data encryption (compared to the biblical tombs on the subject in the linux world). I tend to look through practiacal examples and tutorials when I try something new, and the one I found for this was three years old. What I'm trying to acheive is to stripe a few of these 300GB disks together and encrypt the resulting large volume. I shall persevere - thanks again for your replies.
Re: disk geometry issues when trying to set up encrypted partition
On Thu, 17 Jun 2010 06:28 -0500, Jacob Yocom-Piatt j...@fixedpointgroup.com wrote: search the internet and mailing lists or read the softraid, bioctl and associated man pages before stating there is a lack of information. a quick search of this mailing list for the terms disk encryption yields plenty of information: http://marc.info/?l=openbsd-miscw=2r=1s=disk+encryptionq=b alternatively you could have made a google search for openbsd disk encryption and found http://en.wikipedia.org/wiki/Comparison_of_disk_encryption_software I actually said a relative lack of information, but I take your point in good spirit. Many thanks for the links, this is clearly a very helpful community. Thanks all round.
disk geometry issues when trying to set up encrypted partition
Hi there. I'm fairly new to openbsd and I'm hoping someone with better understanding than me of how its disk handling works can help. Beginning my effort to encrypt a 300GB drive in a 64bit Ultrasparc, I followed these initial steps: 1. used disklabel to create a single slice a on the drive 2. made a file system with newfs (is it necessary to have so many backup superblocks?) 3. mounted sd2a on /home/cy and touched it with an empty file /home/cy/cryptfile 4. zeroed out the file (and efectively the drive) with dd if=/dev/zero of=/home/cy/cryptfile bs=512 Here's the (eventual!) output of (4): /home/cy: write failed, file system is full dd: /home/cy/cryptfile: No space left on device 576520353+0 records in 576520352+0 records out 295178420224 bytes transferred in 19810.722 secs (14899932 bytes/sec) Now I have: # disklabel sd2a # /dev/rsd2a: type: SCSI disk: SCSI disk label: MAW3300NC flags: vendor bytes/sector: 512 sectors/track: 930 tracks/cylinder: 8 sectors/cylinder: 7440 cylinders: 13217 total sectors: 585937500 rpm: 10025 interleave: 1 boundstart: 0 boundend: 585937500 drivedata: 0 16 partitions: #size offset fstype [fsize bsize cpg] a:5859372000 4.2BSD 2048 163841 c:5859375000 unused and: # ls -l /home/cy total 576661216 -rw-r--r-- 1 root wheel 295178420224 Jun 16 03:39 cryptfile and: # df -h Filesystem SizeUsed Avail Capacity Mounted on /dev/sd0a 1007M 44.8M912M 5%/ /dev/sd0k 247G2.0K235G 0%/home /dev/sd0d 3.9G6.0K3.7G 0%/tmp /dev/sd0f 2.0G559M1.3G29%/usr /dev/sd0g 1007M162M795M17%/usr/X11R6 /dev/sd0h 5.9G212K5.6G 0%/usr/local /dev/sd0j 2.0G2.0K1.9G 0%/usr/obj /dev/sd0i 2.0G2.0K1.9G 0%/usr/src /dev/sd0e 7.9G7.7M7.5G 0%/var /dev/sd2a 275G275G -13.7G 105%/home/cy I have no understanding of this. I've never seen a df output that tells me I'm using 13GB more space than the drive is capable of holding. I ask here because there's obviously potential for me to lose data somewhere down the line. I'll be grateful if anyone can explain where I've gone wrong.
Re: disk geometry issues when trying to set up encrypted partition
On Wed, 16 Jun 2010 22:46 +0100, Kevin Chadwick ma1l1i...@yahoo.co.uk wrote: I have no understanding of this. I've never seen a df output that tells me I'm using 13GB more space than the drive is capable of holding. I ask here because there's obviously potential for me to lose data somewhere down the line. I'll be grateful if anyone can explain where I've gone wrong. You can zero the disk device directly but use bs=2m to speed it up or use the file you've created as an encryption device with vnconfig. There are a few ways of encrypting though. Don't worry the -13G is perfectly normal. 275 * 0.05 = 13.75 ie 5% is reserved as root for stability and important work, had you written the file as a normal user you would have had 0 space left and be using 261Gs of 275. Lookup up the faq or previous mails at marc.info as I'm sure the answer is in both. Ok... thanks to all of you for very helpful and quick replies. Also, apologies for not scouring the faq with sufficient tenacity - I've printed it off for some joyous(?) future lunch hours at work. And no more cross-posting if that's written in stone. In this case it didn't seem unreasonable. Thanks again chaps.