Re: fstrim for LUKS2 encyrypted LVM

To: debian-user@lists.debian.org
Subject: Re: fstrim for LUKS2 encyrypted LVM
From: gene heskett <gheskett@shentel.net>
Date: Fri, 21 Feb 2025 09:29:32 -0500
Message-id: <[🔎] 777bd97e-e458-452b-9e5e-f29f11331ebe@shentel.net>
In-reply-to: <[🔎] 20250221121032.GA18374@framework.djph.net>
References: <[🔎] e24e3d23-3aba-436c-8ae4-275ca52b2df3@debianlists.mobilxpress.net> <[🔎] ca029ac1-6d17-45fd-b9aa-319b1c3d2dfb@shentel.net> <[🔎] Z7gYqBG6fkB0f2dT@tuxteam.de> <[🔎] cd211ee4-54ba-475b-85c9-8270f0c62c26@shentel.net> <[🔎] 20250221121327.690d9c40@incubator.example.net> <[🔎] 20250221121032.GA18374@framework.djph.net>


On 2/21/25 07:11, Dan Purgert wrote:

On Feb 21, 2025, Frank Guthausen wrote:

On Fri, 21 Feb 2025 05:07:10 -0500
gene heskett <gheskett@shentel.net> wrote:

my home net, is behind dd-wrt, in plain text. on an address block
that does not get thru a router. And in 30 years I have not been
touched.

LUKS addresses a completely different attack vector than network
intrusion.  As long as the LUKS device is decrypted on a running
machine it is not much of a help.  LUKS protects data during the
encrypted state, e.g. when a stolen laptop was in shutdown state
at that time, and it helps to protect data when disks are up to
renewal and someone else has got access to the older disks later.
Without LUKS the disk erasing process needs time and might well
be quiet expensive.


Yes and no with the erasure thing -- a handful of SSD options nowadays
do onboard / integral encryption, so "erasing" the drive is essentially
just "deleting the secret key"

But then again, SSDs are quite expensive per TiB if you're talking about
a storage array

So are spinning rust when it only lasts 2 weeks. Seacrate has sold methe last drive they'll ever sell me. Shingled, helium filled, 2T drives,doomed when the helium escapes. They just disappeared off the end of thesata cable. Same cable, plugged into an SSD is working perfectly over 2years later. And working 4x faster.


Cheers, Gene Heskett, CET.

--
"There are four boxes to be used in defense of liberty:
 soap, ballot, jury, and ammo. Please use in that order."
-Ed Howdershelt (Author, 1940)
If we desire respect for the law, we must first make the law respectable.
 - Louis D. Brandeis

Reply to:

Follow-Ups:
- Re: fstrim for LUKS2 encyrypted LVM
  - From: Dan Purgert <dan@djph.net>
- Re: fstrim for LUKS2 encyrypted LVM
  - From: Henning Follmann <hfollmann@itcfollmann.com>

References:
- fstrim for LUKS2 encyrypted LVM
  - From: Marco Möller <talby@debianlists.mobilxpress.net>
- Re: fstrim for LUKS2 encyrypted LVM
  - From: gene heskett <gheskett@shentel.net>
- Re: fstrim for LUKS2 encyrypted LVM
  - From: <tomas@tuxteam.de>
- Re: fstrim for LUKS2 encyrypted LVM
  - From: gene heskett <gheskett@shentel.net>
- Re: fstrim for LUKS2 encyrypted LVM
  - From: Frank Guthausen <fg.debian@shimps.de>
- Re: fstrim for LUKS2 encyrypted LVM
  - From: Dan Purgert <dan@djph.net>

Prev by Date: Re: fstrim for LUKS2 encyrypted LVM
Next by Date: Re: Alternative to Debian Repository - extract CSV formatted data from PDF
Previous by thread: Re: fstrim for LUKS2 encyrypted LVM
Next by thread: Re: fstrim for LUKS2 encyrypted LVM
Index(es):
- Date
- Thread