On 1/30/19 12:48 AM, Gordon Messmer wrote:

> Both the filesystem and your data are encrypted when using dm-crypt (whether 
> you use LUKS or not).  However, creating a dm-crypt device doesn't modify the 
> pre-existing data.  It only writes encrypted data to the disk when data is 
> written to the virtual device.
> 
> Does that make sense?

Yes, and the reason for doing this is that encrypting some zeros can be faster 
than reading from /dev/urandom.
I know for sure that /dev/urandom is (or was) not always able to saturate the 
speed of a disk (or SSD), while
dmcrypt with modern hardware (AES instructions in the CPU) is always fast 
enough.

Regards.

-- 
   Roberto Ragusa    mail at robertoragusa.it
_______________________________________________
users mailing list -- users@lists.fedoraproject.org
To unsubscribe send an email to users-le...@lists.fedoraproject.org
Fedora Code of Conduct: https://getfedora.org/code-of-conduct.html
List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines
List Archives: 
https://lists.fedoraproject.org/archives/list/users@lists.fedoraproject.org

Reply via email to