LinuxQuestions.org
Help answer threads with 0 replies.
Go Back   LinuxQuestions.org > Forums > Linux Forums > Linux - Distributions > Slackware > Slackware - Installation
User Name
Password
Slackware - Installation This forum is for the discussion of installation issues with Slackware.

Notices


Reply
  Search this Thread
Old 09-18-2016, 12:58 AM   #1
Slakerlife
Member
 
Registered: May 2016
Location: somewhere in the world!
Distribution: slackware
Posts: 66

Rep: Reputation: Disabled
Speeding up dd urandom for encrypted lvm partition


Hello

I have an old machine which i would like to use Slackware 14.2 ,on the readme crpy document it says that one can use the following command
Dd if=/dev/urandom of=/dev/sdx2

I was using the above command prior to creating my lvm on a 450Gb partition. 25hrs has gone by when I lost power to the computer as you can I guess I have to start over again which I'm not really happy about it, so I was wondering if there is a way to speed up the urandom process? I read frandom is suposed to be faster but when I try that command it tells me it can not find a file or something. Any help or questions are welcome


http://ftp.slackware.com/pub/slackwa...ADME_CRYPT.TXT
 
Old 09-18-2016, 01:12 AM   #2
syg00
LQ Veteran
 
Registered: Aug 2003
Location: Australia
Distribution: Lots ...
Posts: 20,057

Rep: Reputation: 3670Reputation: 3670Reputation: 3670Reputation: 3670Reputation: 3670Reputation: 3670Reputation: 3670Reputation: 3670Reputation: 3670Reputation: 3670Reputation: 3670
Read the sentence prior to that command.
Pointless IMHO.
 
Old 09-18-2016, 09:26 AM   #3
Slakerlife
Member
 
Registered: May 2016
Location: somewhere in the world!
Distribution: slackware
Posts: 66

Original Poster
Rep: Reputation: Disabled
Syg00, are you referring to the sentence on the Readme file? About someone being able to determine where a encrypted partition ends or start?. I see your point I was thinking the same because after all I'm encrypting my entire second partition, but regardless I would like to find out if there is a way to speed it up, I would like to even know if there is a command to determine how long I would take to do the entire partition prior to starting the process
 
Old 09-18-2016, 10:29 AM   #4
dijetlo
Senior Member
 
Registered: Jan 2009
Location: RHELtopia....
Distribution: Solaris 11.2/Slackware/RHEL/
Posts: 1,491
Blog Entries: 2

Rep: Reputation: Disabled
Urandom is set by "noise". packet entropy, device drivers, et al, so putting it on a network segment while you randomize it would probably help.
 
Old 09-18-2016, 10:49 AM   #5
rknichols
Senior Member
 
Registered: Aug 2009
Distribution: CentOS
Posts: 4,579

Rep: Reputation: 2097Reputation: 2097Reputation: 2097Reputation: 2097Reputation: 2097Reputation: 2097Reputation: 2097Reputation: 2097Reputation: 2097Reputation: 2097Reputation: 2097
Quote:
Originally Posted by Slakerlife View Post
I have an old machine which i would like to use Slackware 14.2 ,on the readme crpy document it says that one can use the following command
Dd if=/dev/urandom of=/dev/sdx2

I was using the above command prior to creating my lvm on a 450Gb partition. 25hrs has gone by ...
It is way faster to encrypt zeros with a random key and use that to fill the partition:
Code:
cryptsetup create --key-file /dev/urandom stuffit /dev/sdx2
dd if=/dev/zero of=/dev/mapper/stuffit bs=256k
cryptsetup remove stuffit
The partition is now filled with data indistinguishable from random numbers, and the key to decrypt that was not saved.
 
2 members found this post helpful.
Old 09-18-2016, 05:02 PM   #6
Slakerlife
Member
 
Registered: May 2016
Location: somewhere in the world!
Distribution: slackware
Posts: 66

Original Poster
Rep: Reputation: Disabled
Quote:
Originally Posted by rknichols View Post
It is way faster to encrypt zeros with a random key and use that to fill the partition:
Code:
cryptsetup create --key-file /dev/urandom stuffit /dev/sdx2
dd if=/dev/zero of=/dev/mapper/stuffit bs=256k
cryptsetup remove stuffit
The partition is now filled with data indistinguishable from random numbers, and the key to decrypt that was not saved.
Rknichols, I'm assuming that those are 3 separate commands right? If so when I execute the dd if=/dev/zero of=/dev/mapper/stuffit bs=256k, do I need to specify again sda2 or no because I did that on the first command

Thanks
 
Old 09-18-2016, 07:10 PM   #7
TracyTiger
Member
 
Registered: Apr 2011
Location: California, USA
Distribution: Slackware
Posts: 528

Rep: Reputation: 272Reputation: 272Reputation: 272
Use /dev/mapper/stuffit

Quote:
Originally Posted by Slakerlife View Post
do I need to specify again sda2 or no because I did that on the first command
Butting in here, in case rnichols doesn't respond for quite a while ...

You are correct, you do NOT need to refer to /dev/sda2 in the dd command.

The output file ("of=") needs to be the /dev/mapper/stuffit so that the output will be encrypted. The encryption happens automatically by using the /dev/mapper/stuffit device.

The device /dev/mapper/stuffit is "mapped" to /dev/sda2.
 
Old 09-18-2016, 08:35 PM   #8
rknichols
Senior Member
 
Registered: Aug 2009
Distribution: CentOS
Posts: 4,579

Rep: Reputation: 2097Reputation: 2097Reputation: 2097Reputation: 2097Reputation: 2097Reputation: 2097Reputation: 2097Reputation: 2097Reputation: 2097Reputation: 2097Reputation: 2097
Quote:
Originally Posted by TracyTiger View Post
The output file ("of=") needs to be the /dev/mapper/stuffit so that the output will be encrypted. The encryption happens automatically by using the /dev/mapper/stuffit device.

The device /dev/mapper/stuffit is "mapped" to /dev/sda2.
Indeed. The cryptsetup command sets up a tube with /dev/mapper/stuffit on one end and /dev/sda2 on the other. You stuff zeros into the "stuffit" end, and encrypted zeros come out the other end and go into the partition. And yes, you can read those zeros back from /dev/mapper/stuffit until you tear down the tube with the "cryptsetup remove" command. That tube can't be set up again because the encryption key is no longer known.
 
Old 09-19-2016, 09:51 AM   #9
Slakerlife
Member
 
Registered: May 2016
Location: somewhere in the world!
Distribution: slackware
Posts: 66

Original Poster
Rep: Reputation: Disabled
Quote:
Originally Posted by rknichols View Post
Indeed. The cryptsetup command sets up a tube with /dev/mapper/stuffit on one end and /dev/sda2 on the other. You stuff zeros into the "stuffit" end, and encrypted zeros come out the other end and go into the partition. And yes, you can read those zeros back from /dev/mapper/stuffit until you tear down the tube with the "cryptsetup remove" command. That tube can't be set up again because the encryption key is no longer known.
Rknichols, this command worked like a charm, it finished the 450Gb in about 2.5hrs, much better than waiting 25+hrs. I'm curious to know if the command is even required if your encrypting the entire drive?
 
Old 09-19-2016, 11:03 AM   #10
rknichols
Senior Member
 
Registered: Aug 2009
Distribution: CentOS
Posts: 4,579

Rep: Reputation: 2097Reputation: 2097Reputation: 2097Reputation: 2097Reputation: 2097Reputation: 2097Reputation: 2097Reputation: 2097Reputation: 2097Reputation: 2097Reputation: 2097
Quote:
Originally Posted by Slakerlife View Post
I'm curious to know if the command is even required if your encrypting the entire drive?
Not at all required. It just serves to hide the distinction between the free and used parts of the filesystem, which could reveal something about the type of filesystem and possibly the sizes of some of the files.
 
  


Reply


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off



Similar Threads
Thread Thread Starter Forum Replies Last Post
Can't input password for encrypted lvm partition on boot. Phrost5019 Arch 4 03-09-2015 07:46 PM
[SOLVED] Encrypted LVM partition restore naguera Linux - General 0 12-04-2013 04:01 PM
Shrink partition (LVM encrypted PVs + encrypted LVs) gedaj Linux - Newbie 2 05-22-2013 04:44 AM
[SOLVED] Increase size of an encrypted LVM partition jjthomas Slackware 2 01-13-2013 05:10 AM

LinuxQuestions.org > Forums > Linux Forums > Linux - Distributions > Slackware > Slackware - Installation

All times are GMT -5. The time now is 07:54 AM.

Main Menu
Advertisement
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
Open Source Consulting | Domain Registration