Robert Nichols wrote:
On 9/24/22 9:31 PM, Tim via users wrote:
On Sat, 2022-09-24 at 11:14 -0500, Robert Nichols wrote:
If you follow the recommendation to fill the device with random data first
When was that ever recommended, and where?
While a logical thing to do, I've never seen anything or anyone ever say that.
I recall that recommendation being in the cryptsetup FAQ, but it doesn't seem to be there any more.
The end of section 2.1 in the FAQ says:
Alternatively, plain dm-crypt can be used for a very fast wipe with crypto-grade randomness, see Item 2.19
https://gitlab.com/cryptsetup/cryptsetup/-/wikis/FrequentlyAskedQuestions#2-...
Similar advvice has been given for as long as I can recall.
For new hdd's, badblocks can be worth running before putting data on the disk and it can write a reasonably random pattern in the process:
badblocks -b 4096 -c 10240 -s -w -t random -v /dev/sdx1
That requires more patience than most folks have, I suspect. It can take around 42 hours for a 16T disk. But then, it's only your data. ;)
There's a long section on drive preparation on the Arch Linux wiki:
https://wiki.archlinux.org/title/Dm-crypt/Drive_preparation
There are, as others already noted, caveats and limitations if using SSD's.