| 1 |
Wol wrote: |
| 2 |
> On 27/03/2022 20:17, Dale wrote: |
| 3 |
>> Howdy, |
| 4 |
>> |
| 5 |
>> I sort of started this on another thread but wanted to nail a few things |
| 6 |
>> down first. I'm wanting to encrypt some parts of my data on /home. |
| 7 |
>> This is what I got hard drive wise. |
| 8 |
>> |
| 9 |
>> |
| 10 |
>> root@fireball / # pvs |
| 11 |
>> PV VG Fmt Attr PSize PFree |
| 12 |
>> /dev/sda7 OS lvm2 a-- <124.46g 21.39g |
| 13 |
>> /dev/sdb1 Home2 lvm2 a-- <5.46t 0 |
| 14 |
>> /dev/sdc1 Home2 lvm2 a-- <7.28t 0 |
| 15 |
>> /dev/sdd1 Home2 lvm2 a-- <7.28t 0 |
| 16 |
>> /dev/sde1 backup lvm2 a-- 698.63g 0 |
| 17 |
>> root@fireball / # |
| 18 |
>> |
| 19 |
> One big piece of missing information. What does fdisk say about |
| 20 |
> sd[b,c,d]1? And can you add sdf1? |
| 21 |
|
| 22 |
I have the entire drive as one large partition for each drive. I could |
| 23 |
have done it as a whole device but I wanted partitions to give a hint |
| 24 |
that the drive is in use, if booted from other medium for example. |
| 25 |
|
| 26 |
I have enough extra space that I can remove either a 6TB or a 8TB |
| 27 |
drive. Once that is done, I can start to encrypt and move data around. |
| 28 |
This is some additional info from df for /home: |
| 29 |
|
| 30 |
|
| 31 |
/dev/mapper/Home2-Home2 20T 8.7T 12T 45% /home |
| 32 |
|
| 33 |
|
| 34 |
If I remove a 8TB drive, I'd still have enough room for my data. I |
| 35 |
could then rebuild /home starting with the 8TB drive just freed up. |
| 36 |
Then as I move data, I could expand them one at a time encrypting as I |
| 37 |
go. I'd rather not have to buy a hard drive right now. Tight budget |
| 38 |
given other things I got going on. I do have backups, more than one in |
| 39 |
a couple important data spots. |
| 40 |
|
| 41 |
|
| 42 |
> |
| 43 |
> I'm guessing you've got three 8TB drives? Or is it two 8s and a 6? Can |
| 44 |
> you get a third 8TB? And if you're encrypting *parts* of /home ... |
| 45 |
> what parts? |
| 46 |
>> |
| 47 |
>> I've done some checking on sizes of things I want to encrypt and am |
| 48 |
>> weighing options. I use LVM which should help make things easier. I've |
| 49 |
>> downloaded and printed some howtos regarding shrinking the file system |
| 50 |
>> and LVM thingys. It seems I need to shrink the file system while my |
| 51 |
>> /home partition is unmounted. Then move the data off whichever drive I |
| 52 |
>> want to remove and then remove the drive itself. After that I can |
| 53 |
>> encrypt the just removed drive and start moving files over, using rsync |
| 54 |
>> is my plan. I think that is the basic steps. |
| 55 |
> |
| 56 |
> Not necessarily. |
| 57 |
>> |
| 58 |
>> My question now comes to this. When I encrypt one of the drives, can I |
| 59 |
>> then expand that drive with it being encrypted or is that not a option? |
| 60 |
>> I plan to encrypt two of the drives as one volume group and leave one |
| 61 |
>> other volume group as normal. I just want to be sure whether or not I |
| 62 |
>> can expand a encrypted LVM drive the same as a normal LVM since both |
| 63 |
>> uses LVM. I use cryptsetup commands to accomplish the encryption if |
| 64 |
>> that matters. So as a example, I start with one 7TB drive encrypted, |
| 65 |
>> move some data to it, then want to add either the 5TB or 7TB drive. Can |
| 66 |
>> I just expand it like a normal LVM or does it being encrypted change |
| 67 |
>> things? |
| 68 |
>> |
| 69 |
>> Thoughts? My remove steps look sensible? Expanding encrypted LVM |
| 70 |
>> possible? |
| 71 |
> |
| 72 |
> If you are using LVM to do the encryption, then I can't see any |
| 73 |
> problems adding a new PV to an encrypted VG. |
| 74 |
>> |
| 75 |
>> Dale |
| 76 |
>> |
| 77 |
> Personally, I'd use dm-crypt to encrypt the drive, and then the whole |
| 78 |
> lot is encrypted, and put plain LVM over that. I've got dedicated |
| 79 |
> layers for everything. |
| 80 |
> |
| 81 |
> It looks like your home2 is 6TB+8TB+8TB. I'd get a new 8TB, put |
| 82 |
> dm-crypt on it, and add it. Now I can remove the first 8TB, dm-crypt |
| 83 |
> it and re-add it. Same with the second 8TB. Now remove the 6TB and |
| 84 |
> there you are ... |
| 85 |
> |
| 86 |
> My layout's rather different from yours, so I don't think I ought to |
| 87 |
> say too much :-) |
| 88 |
> |
| 89 |
> Cheers, |
| 90 |
> Wol |
| 91 |
> |
| 92 |
> |
| 93 |
|
| 94 |
|
| 95 |
What is the advantage of dm-crypt over cryptsetup? I've learned how to |
| 96 |
use cryptsetup with my external drive so was hoping to stick with what I |
| 97 |
already know. Unless there is a advantage to dm-crypt. |
| 98 |
|
| 99 |
Thanks. |
| 100 |
|
| 101 |
Dale |
| 102 |
|
| 103 |
:-) :-) |
Archives