tag:blogger.com,1999:blog-3323958533660567160.post3490788211126792323..comments2023-07-06T11:20:33.365+02:00Comments on World's Most Secret Blog: How to Activate TRIM on LUKS Encrypted Partitions in Ubuntu & Debiannemhttp://www.blogger.com/profile/09647798804697258002noreply@blogger.comBlogger15125tag:blogger.com,1999:blog-3323958533660567160.post-80215721970961965572018-02-06T11:19:53.369+01:002018-02-06T11:19:53.369+01:00I have checked with a fresh 17.10. installation. T...I have checked with a fresh 17.10. installation. Trim is enabled with ext4 by default now:<br />$ sudo dmsetup table /dev/mapper/nvme0n1p5_crypt --showkeys<br />0 498612224 crypt aes-xts-plain64 7b088419edebfed988cfbdd6fc56febd8874258ea53061585e80d36ca46d5abdb73dc1cf2ee8ad5e95699edb7f2a990941ad622e7492a16b1d065fc789c02b8f 0 259:3 4096 1 allow_discards<br />Anonymousnoreply@blogger.comtag:blogger.com,1999:blog-3323958533660567160.post-55408271218799410002015-06-18T21:27:07.724+02:002015-06-18T21:27:07.724+02:00Ubuntu 14.04.2 LTS using Crucial M4 512GB SSD
/dev...Ubuntu 14.04.2 LTS using Crucial M4 512GB SSD<br />/dev/sda1 ntfs<br />/dev/sda2 bitlocker<br />/dev/sda3 ext3 /boot<br />/dev/sda4 luks (/dev/mapper/sda4-crypt with lvm2 pv and / and swap lv's)<br /><br />Followed all the instructions but steps 7 and 8 were still not showing allow_discards.<br /><br />The thing that finally fixed it was this:<br />Update /etc/default/grub<br />Add the discard option to the line that says GRUB_CMDLINE_LINUX<br /><br />sudo update-grub<br /><br />Reboot.<br /><br />All works perfectly now.Shawnhttps://www.blogger.com/profile/14520264190125107180noreply@blogger.comtag:blogger.com,1999:blog-3323958533660567160.post-46614842652630072692014-05-18T15:11:14.934+02:002014-05-18T15:11:14.934+02:00Thank you for the guide, this is great!
If there ...Thank you for the guide, this is great!<br /><br />If there already is an initramfs image, you may have to change the -c (create) to -u flag:<br /><br />sudo update-initramfs -u -k all<br />leonoreply@blogger.comtag:blogger.com,1999:blog-3323958533660567160.post-3397713333713002382014-04-27T09:52:24.787+02:002014-04-27T09:52:24.787+02:00Thanks! I'm wondering, after following these i...Thanks! I'm wondering, after following these instructions, is it still necessary to have a cron job to trim the disk on Ubuntu 14.04? Or the trimming is done automatically after every file delete?ajnnoreply@blogger.comtag:blogger.com,1999:blog-3323958533660567160.post-73847503850064743122014-04-04T05:57:55.684+02:002014-04-04T05:57:55.684+02:00One thing that would stop this working is if you a...One thing that would stop this working is if you are trying to use the discard option with an ext3 filesystem. As I found out the hard way, this is not supported and will not work.<br /><br />Just in case anyone else tries this and wonders what happened...Andrew Wnoreply@blogger.comtag:blogger.com,1999:blog-3323958533660567160.post-5121120876949726682013-01-03T18:10:14.468+01:002013-01-03T18:10:14.468+01:00I do not think these steps will work. LVM has to p...I do not think these steps will work. LVM has to pass the trim command down the stack to luks. The LVM version in 12.04 does not support this. <br /><br />http://askubuntu.com/questions/191914/how-should-i-configure-trim-support-for-lvm-logical-volumesAnonymousnoreply@blogger.comtag:blogger.com,1999:blog-3323958533660567160.post-29246882243593705332012-09-22T22:43:18.547+02:002012-09-22T22:43:18.547+02:00Thanks for the thanks. :) It's nice to see tha...Thanks for the thanks. :) It's nice to see that this little post actually helped others.<br /><br />@Rodney: you're absolutely right, this potentially decreases the security level. Which is why this probably may never be active by default.<br /><br />@#8: you can add the trim support whenever, as long as you are running a setup with LVM over LUKS. As to what happens with data that is deleted "pre-trim": my guess is it's marked as deleted but not really deleted, which is why an encrypted drive without TRIM is actually more secure, because you don't get blocks with no data in between your encrypted data. Over time the SSD is filled up with such "marked as deleted" data which doesn't just get overwritten with new data though - slowing down writes.<br /><br />As I said, this is just a guess. Corrections and pointers to other sources would be welcome.nemhttps://www.blogger.com/profile/09647798804697258002noreply@blogger.comtag:blogger.com,1999:blog-3323958533660567160.post-69712512961281505352012-08-03T04:05:07.852+02:002012-08-03T04:05:07.852+02:00Thanks for the info.
Can you add the trim support...Thanks for the info.<br /><br />Can you add the trim support after the filesystem is in place, and has been for a while, or should this be done during the install process.<br /><br />I am curious what happens about data that is deleted pre-trim. I assume the controller on the drive will manage this appropriately - any advice/knowledge?Anonymousnoreply@blogger.comtag:blogger.com,1999:blog-3323958533660567160.post-61360510700788959492012-07-19T20:39:44.687+02:002012-07-19T20:39:44.687+02:00Using this may reduce the security of the encrypti...Using this may reduce the security of the encryption to a degree. Empty space will show as true zeros.Rodneyhttp://www.rodneybeede.com/noreply@blogger.comtag:blogger.com,1999:blog-3323958533660567160.post-87689358031020133712012-06-21T04:07:23.785+02:002012-06-21T04:07:23.785+02:0012.04 X64 Alternate Disk Whole Disk Encrypted Opti...12.04 X64 Alternate Disk Whole Disk Encrypted Option Install OCZ 128GB Octane. Works Great. You Rock. Whos the man, cmon admit, its you. WTG. Thanks!Anonymousnoreply@blogger.comtag:blogger.com,1999:blog-3323958533660567160.post-44889315389536982852012-05-21T22:24:42.229+02:002012-05-21T22:24:42.229+02:00Thanks
followed your instruction,trim is workingThanks<br />followed your instruction,trim is workingAnonymousnoreply@blogger.comtag:blogger.com,1999:blog-3323958533660567160.post-81343289143930057632012-05-05T01:05:54.574+02:002012-05-05T01:05:54.574+02:00You're welcome. Glad to be of help.You're welcome. Glad to be of help.nemhttps://www.blogger.com/profile/09647798804697258002noreply@blogger.comtag:blogger.com,1999:blog-3323958533660567160.post-42574174292561445872012-05-03T22:02:30.702+02:002012-05-03T22:02:30.702+02:00Thanks!Thanks!Anonymousnoreply@blogger.comtag:blogger.com,1999:blog-3323958533660567160.post-38827545637761344132012-04-22T17:54:51.860+02:002012-04-22T17:54:51.860+02:00Could you post more details about your hardware, p...Could you post more details about your hardware, partitions and outputs for the steps you took?nemhttps://www.blogger.com/profile/09647798804697258002noreply@blogger.comtag:blogger.com,1999:blog-3323958533660567160.post-38227396401542215442012-04-18T19:06:36.920+02:002012-04-18T19:06:36.920+02:00I've tried to activate trim with no success. C...I've tried to activate trim with no success. Crypt with showkeys showed that trim is not activated.<br /><br />Ubuntu 11.04<br />Kernel 3.1.4<br />Cryptsetup 1.4.2Evghttps://www.blogger.com/profile/03818112627219415913noreply@blogger.com