[Discuss] encrypted linux systems
Edward Ned Harvey (blu)
blu at nedharvey.com
Tue Jan 28 21:40:22 EST 2014
> From: discuss-bounces+blu=nedharvey.com at blu.org [mailto:discuss-
> bounces+blu=nedharvey.com at blu.org] On Behalf Of Stephen Adler
>
> As for the disk IO issue, I've migrated to using SSD's with fantastic
> performance improvement, thus the fear that I may see my snappy
> environment degrade to my hard drive IO speed response times when
> turning on encryption. It sounds like I don't have to worry about that.
Oh - There actually *is* a concern there. In general, an encryption product is designed not to leak information, which means they write random data to all sectors of the hard disk, and this behavior has a tendency to conflict with TRIM and so forth. I'm pretty sure that at least SOME encryption products will allow you to configure some tunable parameter, to reduce the total available size of the volume, or in some fashion, support TRIM for enough blocks to sustain good random IOPS... But I don't know what products, and I don't know how. I would suggest you google for TRIM, in context of truecrypt, pgp, luks, etc.
More information about the Discuss
mailing list