Ninjastic
PostEdited versionsQuotes to this post
Post
Topic
Board Development & Technical Discussion
Re: FDE while running a node on SSD
by
takuma sato
on 28/03/2025, 19:28:30 UTC
Quote from: ABCbits on Today at 08:34:13 AM
Quote from: takuma sato on March 27, 2025, 09:50:06 PM
Quote from: ABCbits on March 27, 2025, 09:17:05 AM
--snip--
Okay so I will stick to SSD even if it's not as resilient as HDD for this task, but man HDD is so damn slow nowadays that I cannot tolerate syncing a node from scratch again without SSD so I will pass.

Yeah, HDD is very slow especially on random read/write task. Although with sufficient RAM (enough to store all UTXO), you can achieve fast initial sync/IDB on HDD. In fact I still store all Bitcoin Core data on HDD.

Quote from: takuma sato on March 27, 2025, 09:50:06 PM
The question now is, what settings for dm-crypt? When im installing linux, with your average interface like Debian, it just asks you for some password, they don't give you any way to enter any details on what sort of encryption are you using. VeraCrypt was way better in this regard, but I think FDE with VC only works in Windows for some reason.

Debian and few distro let you configure detail of the disk encryption during installation.

Quote from: https://unix.stackexchange.com/a/577765
Step 8:


I leave everything as the default except that I change the Bootable flag to On. You can customize this to better suit your environment.


As shown by screenshot from StackExchange answer (not mine), you actually can double-click specific configuration (such as key size) and select different available value. But usually i use default configuration provided by distro i use.

What version of Debian is that screenshot from? I remember watching tutorials, and in no point in time they asked you about any specifics, or I saw any possibility to modify the specification details for the encryption procedure. I only remember two passwords. One that was for the root admin setting, and another for the actual encryption and it was set in a confusing way where you didn't really know what the passwords were doing, so hopefully they changed this, since im talking some years ago. Im just going to get Debian 12 iso and try for myself. Im still asking what settings would be good to run a node at tho, since I want a security but also not blow up the drive from overdoing the encryption and then have it do heavy lifting with the node syncing process. If anyone is an expert in this field here perhaps you could recommend some better non-default settings?