LinuxQuestions.org
Visit Jeremy's Blog.
Go Back   LinuxQuestions.org > Forums > Linux Forums > Linux - Security
User Name
Password
Linux - Security This forum is for all security related questions.
Questions, tips, system compromises, firewalls, etc. are all included here.

Notices


Reply
  Search this Thread
Old 09-18-2016, 09:08 AM   #1
taylorkh
Senior Member
 
Registered: Jul 2006
Location: North Carolina
Distribution: CentOS 6, CentOS 7 (with Mate), Ubuntu 16.04 Mate
Posts: 1,997

Rep: Reputation: 165Reputation: 165
Encryption of the whole disk vs. a partition filling the whole disk


In the case of a "data" disk (no OS, just bulk data storage) I have always created a partition first (e.g. /dev/sdb1) which fills the whole disk (e.g. /dev/sdb) and then formatted /dev/sdb1. When encrypting such a drive I have again done the same thing. Is there any advantage to encrypting the drive (e.g. /dev/sdb) rather than creating a partition first?

I understand that it is advisable to leave some unallocated space on an SSD so I believe the partition first approach is appropriate in that case. How about a LARGE drive - 6 TB perhaps - which needs to be partitioned with a GUID partition table?

TIA,

Ken
 
Old 09-18-2016, 10:06 AM   #2
rknichols
Senior Member
 
Registered: Aug 2009
Distribution: CentOS
Posts: 4,429

Rep: Reputation: 2029Reputation: 2029Reputation: 2029Reputation: 2029Reputation: 2029Reputation: 2029Reputation: 2029Reputation: 2029Reputation: 2029Reputation: 2029Reputation: 2029
Disk drives are typically partitioned. If you choose to use the unpartitioned drive, various tools that expect to see a partitioned drive may report the entire drive as unallocated space, which increases the liklihood of disasterous errors. Also, using a partition gives you more flexibility for the future should you later desire to subdivide that space.
 
1 members found this post helpful.
Old 09-18-2016, 10:11 AM   #3
smallpond
Senior Member
 
Registered: Feb 2011
Location: Massachusetts, USA
Distribution: CentOS 6 & 7
Posts: 3,387

Rep: Reputation: 914Reputation: 914Reputation: 914Reputation: 914Reputation: 914Reputation: 914Reputation: 914Reputation: 914
1. A 6TB drive is slightly larger than 6TB. However 6TB drives from different manufacturers, or different models from the same manufacturer, will have different total block counts. One reason I always make a whole disk partition slightly smaller than the nominal drive size is so that I can always replace or copy it easily.

2. It allows you to repartition the drive without losing data if you need to add a second partition and you have the ability to shrink the data in-place on the existing partition.

3. So that you can tell it from an empty drive.
 
1 members found this post helpful.
Old 09-18-2016, 10:29 AM   #4
taylorkh
Senior Member
 
Registered: Jul 2006
Location: North Carolina
Distribution: CentOS 6, CentOS 7 (with Mate), Ubuntu 16.04 Mate
Posts: 1,997

Original Poster
Rep: Reputation: 165Reputation: 165
Thanks rknichols,

Good point. I do not like disastrous errors.

Thanks smallpond,

I have experienced the size difference when restoring a Clonezilla image of the OS drive. I can restore a 120 GB drive image to a 128 GB drive. However, to do the reverse I need to restore to a larger drive, shrink the partitions, reimage and restore the new image to the 120 GB drive. I am keeping two copies of my data on two drives. I sync them with a tool called Beyond Compare which lets me see what is different and how/why (file size, date, orphans etc.)

Drive space has gotten so cheap it is not worth backing up to CD/DVD media except in the case of most critical data. A 6 TB drive will provide the storage of about 1,500 DVDs. The media alone would cost about $300 US. I purchased two 6 TB drives for $400 US. I could not hire someone to burn 1,500 DVDs for $100 and I would probably have to replace the DVD drive along the way.

Back to the original subject... I have been doing some studying about encryption and keep coming across "full drive" encryption - before partitioning. How to but not why to. I guess I will keep partitioning first as I always have.

Thanks again,

Ken
 
Old 09-18-2016, 11:35 AM   #5
rknichols
Senior Member
 
Registered: Aug 2009
Distribution: CentOS
Posts: 4,429

Rep: Reputation: 2029Reputation: 2029Reputation: 2029Reputation: 2029Reputation: 2029Reputation: 2029Reputation: 2029Reputation: 2029Reputation: 2029Reputation: 2029Reputation: 2029
Quote:
Originally Posted by taylorkh View Post
I have experienced the size difference when restoring a Clonezilla image of the OS drive. I can restore a 120 GB drive image to a 128 GB drive.
The point is that you might not be able to restore it to another 120 GB drive. Your nominal "120 GB" drive might actually be 120000011776 bytes. Another "120 GB" drive might actually be 120000008704 bytes. A full image from the first isn't quite going to fit on the second. The only way to avoid that issue is by never allocating sectors beyond the nominal capacity of the drive, 120000000000 bytes (234375000 512-byte sectors).
 
Old 09-19-2016, 11:03 AM   #6
taylorkh
Senior Member
 
Registered: Jul 2006
Location: North Carolina
Distribution: CentOS 6, CentOS 7 (with Mate), Ubuntu 16.04 Mate
Posts: 1,997

Original Poster
Rep: Reputation: 165Reputation: 165
Thanks again rknichols,

I HAVE encountered that situation.

Ken
 
  


Reply


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off



Similar Threads
Thread Thread Starter Forum Replies Last Post
Something's filling up my disk, but I don't know what it is. Daravon Linux - Newbie 19 03-09-2018 06:27 AM
[SOLVED] .snapshot filling nfs disk emmalg Linux - Newbie 3 09-08-2010 08:04 AM
[SOLVED] Disk filling up. What is the best way to track down rogue files? mintybadger Linux - Server 2 02-07-2010 03:31 AM
Full disk encryption on boot partition paul_mat Linux - Security 13 03-12-2008 02:11 AM
ksymoops log filling disk to 100% lobo78 Linux - General 0 06-26-2004 12:04 PM

LinuxQuestions.org > Forums > Linux Forums > Linux - Security

All times are GMT -5. The time now is 01:19 AM.

Main Menu
Advertisement
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
Open Source Consulting | Domain Registration