| Lee H. Marzke on 19 Apr 2015 14:09:14 -0700 |
[Date Prev] [Date Next] [Thread Prev] [Thread Next] [Date Index] [Thread Index]
| Re: [PLUG] Help with encrypted SSD |
If I can get the drive unlocked, I'll try that. The problem is LVM is inside DM-crypt, so DM needs to be expanded first. The installer has a script to do this but it only does 100% of the drive as DM-crypt/LVM, and I want part reserved for VM's which don't do as well running inside an encrypted partition. Lee ----- Original Message ----- > From: "Rich Freeman" <r-plug@thefreemanclan.net> > To: "Philadelphia Linux User's Group Discussion List" <plug@lists.phillylinux.org> > Sent: Sunday, April 19, 2015 2:53:21 PM > Subject: Re: [PLUG] Help with encrypted SSD > On Sat, Apr 18, 2015 at 8:50 PM, Lee H. Marzke <lee@marzke.net> wrote: >> I have Ubuntu on a 500GB Crucial SSD that is running out of space. >> >> It's using 250G encrypted LVM partition and 250G unencrypted for VM's and >> Downloads >> >> I need to expand both to 500G for a new 1TB SSD. >> >> I don't mind re-installing if required, but I see the encrypted LVM >> installer only uses the entire disk not 1/2. > > You should be able to dd both partitions over to the drive, then > expand the lvs, filesystems, etc on top. > >> >> I tried setting the HD password on my Thinkpad for the new disk >> and when booting the BIOS prompts for the password to un-encript >> but it doesn't work, all passwords fail, and won't let me into the BIOS again to >> change/remove the password. So basically this new 1TB SSD is >> just a paperweight now. Anyone now why HD BIOS passwords don't work or how >> to fix or should I just return this drive? >> > > HD passwords are completely separate from software encryption like > luks/losetup/etc. I have no idea what your BIOS is doing - the > password being sent to the drive may or may not be identical to the > password entered into the BIOS. Also, the BIOS may or may not > security freeze the drive at bootup. > > If you don't know the HD password then security erasing and getting it > back to factory condition requires vendor-specific commands as far as > I'm aware. You're going to have to google for details on your drive. > The vendor software might help. > > Personally, I wouldn't mess with the drive security. Use software > encryption. It gets the same job done, and since you know the key it > also makes the drive far more recoverable if you get into trouble. > > -- > Rich > ___________________________________________________________________________ > Philadelphia Linux Users Group -- http://www.phillylinux.org > Announcements - http://lists.phillylinux.org/mailman/listinfo/plug-announce > General Discussion -- http://lists.phillylinux.org/mailman/listinfo/plug -- "Between subtle shading and the absence of light lies the nuance of iqlusion..." - Kryptos Lee Marzke, lee@marzke.net http://marzke.net/lee/ IT Consultant, VMware, VCenter, SAN storage, infrastructure, SW CM +1 800-393-5217 office +1 484-348-2230 fax +1 610-564-4932 cell sip://8003935217@4aero.com VOIP ___________________________________________________________________________ Philadelphia Linux Users Group -- http://www.phillylinux.org Announcements - http://lists.phillylinux.org/mailman/listinfo/plug-announce General Discussion -- http://lists.phillylinux.org/mailman/listinfo/plug