disk encryption
Roberto Ragusa
mail at robertoragusa.it
Fri Jan 15 17:52:34 UTC 2016
On 01/15/2016 04:58 PM, Robert Nichols wrote:
> 3. Copy the decrypted data directly back to the partition at the
> correct offset (4096 sectors assumed here):
> dd if=/dev/mapper/mysource bs=$((4096*512)) of=/dev/sda1 seek=1
> 4. Adjust the partition table to add 4096 sectors to the starting
> LBA for sda1 without moving the ending LBA.
You are decrypting in place and then moving forward the beginning
of the partition to skip over the missing luks header (which
you then clean in step 5).
Wouldn't be better to decrypt while shifting everything back
and then (eventually) resize the filesystem to gain the extra
space at the end of the partition?
The final partition layout would be certainly cleaner and the
process is simpler (remove "seek=1" and skip step 4 and step 5)
(but I agree that your approach is easier to revert)
Regards.
--
Roberto Ragusa mail at robertoragusa.it
More information about the users
mailing list