Re: dmcrypt on an existing partition (firewire external disk)

To: Andrew Henry <adhenry@bredband.net>, debian-user@lists.debian.org
Subject: Re: dmcrypt on an existing partition (firewire external disk)
From: Andrew Sackville-West <andrew@farwestbilliards.com>
Date: Sat, 1 Dec 2007 07:44:18 -0800
Message-id: <[🔎] 20071201154418.GU3386@localhost.localdomain>
Mail-followup-to: Andrew Henry <adhenry@bredband.net>, debian-user@lists.debian.org
In-reply-to: <475149B9.1030100@bredband.net>
References: <474DCFD2.9040300@bredband.net> <20071129165058.GT3386@localhost.localdomain> <474FE800.3080808@bredband.net> <20071130183051.GM3386@localhost.localdomain> <475149B9.1030100@bredband.net>

this belongs on the list...

On Sat, Dec 01, 2007 at 12:47:05PM +0100, Andrew Henry wrote:
> Andrew Sackville-West wrote:
> > nice guide. it was definitely part of my list of open tabs when I was
> > setting up my encrypted laptop. He's got some other good ones there as
> > well. 
> >
> > A
> >   
> Somethings broken :(

:(

> 
> I followed the guide to the letter, and it all seemed to work
> wonderfully.  Then the pain began when I started to move my files back
> to the encrypted volume.  What a performance killer!  It's eating 90%
> CPU and it takes *forever*, because it keeps 'hanging'.  If I switch
> focus to another window, then kcryptd/0 and kjournald stop working (they
> are the processes taking 90%).  If I shut laptop lid (set to blank
> screen) then they stop working.  If the screensaver activates, then they
> stop working.  When they stop (zero percent CPU) then the disk activity
> stops as well.
> 

I've not seen this and my whole laptop is encrypted. 

> When I run scp from a ethernet attached laptop then scp says:
> 
> ubuntu-7.10-alternate-amd64.iso               86%  684MB   2.9MB/s  
> -stalled-
> 
> and as you can see by the transfer rate, it is nowhere near the 11MB/s I
> was getting consistently before encrypting.
> 
> Is this normal write performance? 

I honestly don't know. There *has* to be some performance hit because
the data gets mangled before hitting the disk. I don't *notice* any
performance hit on my laptop. I'm not in a position at the moment to
compare in the same way as you, but I did capture some speeds during
my setup. When I was wiping the encrypted partition during setup, I
got between 26 and 36 MB/s writing depending on where on the disk I
was. So I'd say what you're seeing is not typical. Note that I'm on a
pretty new laptop with halfway decent specs.

> Can the "terminal loses focus: copy
> suspends" behaviour be fixed?  I have not tested read performance yet,
> but I expect and hope that it will be more normal.

I would say you've got something messed up there. Just a quick
run-down of what I've done:

1. modprobe dm_crypt sha256 aes_i586. confirmed it worked by ls -l
   /dev/mapper/control
2. create the encrypted partition: cryptsetup -c aes-cbc-essiv:sha256
   -y luksFormat /dev/<encrypted-part>
3. map it to a /dev/mapper/volume: cryptsetup luksOpen
   /dev/<encrypted-part> crypt-part
4. create a filesystem on /dev/mapper/crypt-part and away you go.

this is all on sid, BTW.

hth

A

Attachment: signature.asc
Description: Digital signature

Reply to:

Prev by Date: Re: Recommend good notes/calendar plugin/client/suites ?
Next by Date: Can't to install postgresql-7.4 server on Etch
Previous by thread: Re: dmcrypt on an existing partition (firewire external disk)
Next by thread: Re: dmcrypt on an existing partition (firewire external disk)
Index(es):
- Date
- Thread