Re: Need clarifications on disk encryption

tayyappa · ‎07-01-2010

Could you please clarify the following questions on disk encryption?

Whenever we enable/disable disk encryption, we are deleting all the cached data.

1. Why are we deleting all the DRE cache, when we enable/disable disk encryption? Instead we should encrypt/decrypt the data with the key that we got from CM. If we delete all the DRE cache, then we will lose the compression that we got from the DRE cache.

2. How can I verify that the files in the disk are encrypted, after disk encryption is enabled?

Zach Seils · ‎07-01-2010

Hi Thenna,

The partitions we encrypt are some of the largest on the system. We wouldn't have enough disk space to have two copies (encrypted & decrypted) of those paritions.

For verification, you would have to remove the disk drives and mount them on another Linux-based system. We don't provide a way to browse the cache contents.

Regards,

Zach

tayyappa · ‎07-02-2010

Am not asking you to have two two copies (encrypted & decrypted) of paritions.

Insteadof deleting the paritions, you can encrypt the paritions. So that you will not lose the compression that you get from the DRE cache.

Zach Seils · ‎07-06-2010

If I am encrypting an existing (unencrypted) partition, I have to write the encrypted version of the partition somewhere on disk before I remove the unencrypted version. Likewise in reverse. We don't have the disk space to perform this operation.

Regards,

Zach