LinuxQuestions.org
Visit Jeremy's Blog.
Go Back   LinuxQuestions.org > Forums > Linux Forums > Linux - General
User Name
Password
Linux - General This Linux forum is for general Linux questions and discussion.
If it is Linux Related and doesn't seem to fit in any other forum then this is the place.

Notices

Reply
 
Search this Thread
Old 11-24-2012, 07:59 AM   #1
Ulysses_
Member
 
Registered: Jul 2009
Posts: 639

Rep: Reputation: 42
Like truecrypt but better protected against drive failures


Somewhere I read that with truecrypt containers if the physical drive develops a fault you lose too much data. Maybe they meant the entire container is invalidated or something like that. What exactly might be the issue with truecrypt containers?

What are some alternative file encryption solutions that offer more recovery in case of failure or are better protected against partial failure like bad sectors? Would rather not buy a second drive to do raid-1.

Last edited by Ulysses_; 11-24-2012 at 08:06 AM.
 
Old 11-24-2012, 03:02 PM   #2
NyteOwl
Member
 
Registered: Aug 2008
Location: Nova Scotia, Canada
Distribution: Slackware, OpenBSD, others periodically
Posts: 512

Rep: Reputation: 138Reputation: 138
In the case of unencrypted data if the sector occurs in a file you may be able to recover some of the file, or at most lose one file. If it occurs in a large encrypted container, you lose the whole container as there is no way to determine what the missing data is and what the good data is.

If you have a hardware failure of some sort, including an unrelocatable bad sector, you can say goodbye to any data that relies on that sector. This is true regardless of the encryption system in use be it Truecrypt, LUKS, Bitlocker(WIn), etc. or a hardware encrypted device.

If you use encryption either on volumes/containers or full partitions/drives you need to keep good backups and RAID 1 or above is highly recommended to reduce downtime.
 
Old 11-24-2012, 03:20 PM   #3
Ulysses_
Member
 
Registered: Jul 2009
Posts: 639

Original Poster
Rep: Reputation: 42
Then a bad sector can destroy all files in a container, but only one file in unencrypted format.
Since a second drive is not wanted, can't raid-1 be made out of two partitions on the same disk, or two containers on the same partition?

Truecrypt must have a solution to this problem of their software.
 
Old 11-24-2012, 03:30 PM   #4
TobiSGD
Moderator
 
Registered: Dec 2009
Location: Hanover, Germany
Distribution: Gentoo
Posts: 15,357
Blog Entries: 2

Rep: Reputation: 3980Reputation: 3980Reputation: 3980Reputation: 3980Reputation: 3980Reputation: 3980Reputation: 3980Reputation: 3980Reputation: 3980Reputation: 3980Reputation: 3980
RAID-1 is not meant to protect your data, its sole purpose is to minimize downtime. A RAID-1 over two partitions on the same disk is possible, but will not protect you against drive failure and at the same time can't give you what it is designed for.
If you want to always have a good copy of your valuable data invest time and money in a good backup plan instead.
 
1 members found this post helpful.
Old 11-24-2012, 04:04 PM   #5
ntubski
Senior Member
 
Registered: Nov 2005
Distribution: Debian
Posts: 2,386

Rep: Reputation: 808Reputation: 808Reputation: 808Reputation: 808Reputation: 808Reputation: 808Reputation: 808
Quote:
Originally Posted by NyteOwl View Post
In the case of unencrypted data if the sector occurs in a file you may be able to recover some of the file, or at most lose one file. If it occurs in a large encrypted container, you lose the whole container as there is no way to determine what the missing data is and what the good data is.
I don't believe this is the case. You can still decrypt the uncorrupted parts.
 
Old 11-24-2012, 04:28 PM   #6
Ulysses_
Member
 
Registered: Jul 2009
Posts: 639

Original Poster
Rep: Reputation: 42
What I have seen is that hard drives get bad sectors towards the end of their life, they do not die instantly. So raid-1 between partitions on the same disk seems useful for bad sectors. How is it done?
 
Old 11-24-2012, 04:55 PM   #7
TobiSGD
Moderator
 
Registered: Dec 2009
Location: Hanover, Germany
Distribution: Gentoo
Posts: 15,357
Blog Entries: 2

Rep: Reputation: 3980Reputation: 3980Reputation: 3980Reputation: 3980Reputation: 3980Reputation: 3980Reputation: 3980Reputation: 3980Reputation: 3980Reputation: 3980Reputation: 3980
If you can live with the massive performance impact and the reduced lifetime due to massive increase in head movements just use mdadm to create a software RAID-1 over those two partitions.
 
  


Reply


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is Off


Similar Threads
Thread Thread Starter Forum Replies Last Post
[SOLVED] Truecrypt Drive Encryption (CLI Only) DoctorZeus Linux - Security 4 05-31-2012 06:26 AM
2 hard drive failures at once mattsoftnet Linux - Hardware 15 08-12-2011 10:58 PM
mdadm raid6 active despite 3 drive failures roboa1983 Linux - Server 2 07-26-2011 09:34 PM
[SOLVED] Automount Truecrypt, Truecrypt command lline OS Arch Linux yanfaun Linux - Software 5 09-26-2010 07:37 PM
Truecrypt encrypted USB drive on Linux irairaira Linux - Newbie 9 01-09-2009 01:09 AM


All times are GMT -5. The time now is 02:20 AM.

Main Menu
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
identi.ca: @linuxquestions
Facebook: linuxquestions Google+: linuxquestions
Open Source Consulting | Domain Registration