I'm looking for a faster way to prepare hard disk drives for encryption (dm-crypt, LUKS) writing random numbers to the entire disk. I'd like to know how other slackers handle this and solicit suggestions.
I have been using the old, usually good enough, standby ...
Code:
dd if=/dev/urandom of=/dev/sdx bs=xxxx
This worked fine for a single 120GB drive. I just let it run overnight and built the machine the next day.
But
/dev/random and
/dev/urandom aren't good sources for generating large numbers of bits. When I install five 2TB drives in a system this takes a loooong time. I have to start preparing the disks more than a week before I can build the system.
Is there any way to speed this up when booting then installing a system from a Slack CD/DVD?
--------------
These are the options I can think of in order of preference.
1. Boot an empty system from a Slack CD/DVD and use the resources available to prepare the disks for RAID & encryption Just like I do now but only
faster.
2. Boot a standalone utility/OS from CD to write non-repeating random number sequences to the disk (quickly). Perhaps on option in a disk erase utility?
3. Boot from a Slack CD/DVD as #1 above but then mount a CD or USB flash drive with an utility to to the job (quickly write random numbers to hard disks) and works in the environment currently running.
4.
Install Slack from CD/DVD then install the libraries/utilities/hardware needed to prepare the disks (e.g. gpg, openssl, haveged, rng-tools, hardware entropy generators, etc). Then re-install the final version of Slack on the now prepared hard disks.
5. First attach each disk to a separate "disk preparation" computer already built and configured for this job. Then transport the disks and install on the new machine.
6. Ignore disk preparation and hope the perpetrator isn't sophisticated enough to take advantage of knowing which sectors of the disk are written and which ones aren't.
---------
I'm guessing that option # 1 doesn't offer the resources to speed things up (increase entropy). Please speak up if I'm wrong on this, as this is my preference.
Perhaps there is a standalone utility (option # 2) out there that I can use. The random number sequence run length should be large before repeating (>2TB) or else the utility should re-seed the generator before the sequence repeats. (even though /dev/urandom with a depleted entropy pool may produce repeating sequences now)
Does anyone know of a standalone utility that boots from CD and properly prepares the disks for encryption? (I know ... not really a Slackware question)
I'm normally not in a hurry when I work with computers, but working with large capacity disk drives now encourages me to look for faster methods of disk preparation.
Thanks.