我在 FreeBSD 11 上使用 GELI 使用 AES256 加密我的外部备份设备。我最近将磁盘更改为 240GB SSD,只有一半的容量可用,这导致备份失败。
Windows 10; SSD显示232GB
FreeBSD 11; SSD显示207GB
dd if=/dev/zero of=/dev/da0 bs=1M count=10 gpart add -t freebsd /dev/da0 newfs /dev/da0 >& /dev/null mount /dev/da0 /mnt/backup df -g /dev/da0 225 0 207 0% /bk/diskFreeBSD 11; SSD显示116GB
da0.eli created da0.elis1 added => 40 244198504 da0.eli GPT (116G) 40 244198504 1 freebsd (116G) /dev/da0.elis1 112 0 103 0% /bk/disk
这是预期的结果还是与行业规模有关?
答案1
根据手册页,验证选项 -ahmac/sha256 需要 11%。问题是在未设置指定的默认扇区大小(要求 50%)的情况下启用了验证。即指定 -s4096 和 -ahmac/sha256
# geli init -l256 -eaes -ahmac/sha256 -J /root/da0.txt -B /root/da0.eli -K /root/da0.key /dev/da0
# geli attach -k /root/da0.key /dev/da0
# geli list
1. Name: da0.eli
Mediasize: 125029674496 (116G)
Sectorsize: 512
Mode: r0w0e0
Consumers:
1. Name: da0
Mediasize: 250059350016 (233G)
Sectorsize: 512
Mode: r1w1e1
# geli init -l256 -eaes -J /root/da0.txt -B /root/da0.eli -K /root/da0.key /dev/da0
# geli attach -k /root/da0.key /dev/da0
# geli list
1. Name: da0.eli
Mediasize: 250059349504 (233G)
Sectorsize: 512
Mode: r0w0e0
Consumers:
1. Name: da0
Mediasize: 250059350016 (233G)
Sectorsize: 512
Mode: r1w1e1
# geli init -s4096 -l256 -eaes -ahmac/sha256 -J /root/da0.txt -B /root/da0.eli -K /root/da0.key /dev/da0
# geli attach -k /root/da0.key /dev/da0
# geli list
1. Name: da0.eli
Mediasize: 222274973696 (207G)
Sectorsize: 4096
Mode: r0w0e0
Consumers:
1. Name: da0
Mediasize: 250059350016 (233G)
Sectorsize: 512
Mode: r1w1e1