On 1/30/19 12:48 AM, Gordon Messmer wrote: > Both the filesystem and your data are encrypted when using dm-crypt (whether > you use LUKS or not). However, creating a dm-crypt device doesn't modify the > pre-existing data. It only writes encrypted data to the disk when data is > written to the virtual device. > > Does that make sense?
Yes, and the reason for doing this is that encrypting some zeros can be faster than reading from /dev/urandom. I know for sure that /dev/urandom is (or was) not always able to saturate the speed of a disk (or SSD), while dmcrypt with modern hardware (AES instructions in the CPU) is always fast enough. Regards. -- Roberto Ragusa mail at robertoragusa.it _______________________________________________ users mailing list -- users@lists.fedoraproject.org To unsubscribe send an email to users-le...@lists.fedoraproject.org Fedora Code of Conduct: https://getfedora.org/code-of-conduct.html List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedoraproject.org/archives/list/users@lists.fedoraproject.org
