On 05/01/13 06:23, T o n g wrote: My understanding/impression is that with Full Disk Encryption, even a single bad sector will have a much larger impact than itself and might ruin the whole disk. ... So, what would you plan for normal home users on disk failure for Disk Encryption? How to cope with it?
Hi, I guess what you are referring to can happen if you get bad sectors where the luks header resides. This is a single point of failure in luks whole disk encryption, to plan for this you must have current backups (but most likely on another encrypted media, so there is always a tiny probability that this is going to happen there too), and backup the luks headers (see command "cryptsetup luksHeaderBackup"). See cryptsetup man for security good practice regarding the headers backups.