To my understanding, it makes no sense to perform a TRIM on storage
which is a LUKS2 encyrypted LVM. The storage device should anyway think
that each bit is in use after it was filled with random data when
creating the space. Not only that I cannot imagine how the storage
device should Know what is happening in the encrypted space, wouldn't it
be a security issue if the OS would inform the storage device about
unused space and its location and could actually perform some kind of a
TRIM?

Am I wrong?

If I am right, then, and assuming that TRIM is done by a command called
fstrim, is there a simple command by which I could search through all
cron entries if fstrim would somewhere be defined to become executed?

--- SoupGate-Win32 v1.05
* Origin: fsxNet Usenet Gateway (21:1/5)

On 2/20/25 14:10, Marco Möller wrote:

To my understanding, it makes no sense to perform a TRIM on storage
which is a LUKS2 encyrypted LVM. The storage device should anyway
think that each bit is in use after it was filled with random data
when creating the space. Not only that I cannot imagine how the
storage device should Know what is happening in the encrypted space,
wouldn't it be a security issue if the OS would inform the storage
device about unused space and its location and could actually perform
some kind of a TRIM?

Am I wrong?

Yes. Generally speaking, all file systems know exactly whats in use,
they have to, otherwise they would randomly overwrite another file, The encryption is only for the data in that allocated space. The file system
knows nothing about that data

If I am right, then, and assuming that TRIM is done by a command
called fstrim, is there a simple command by which I could search
through all cron entries if fstrim would somewhere be defined to
become executed?

.

Cheers, Gene Heskett, CET.
--
"There are four boxes to be used in defense of liberty:
soap, ballot, jury, and ammo. Please use in that order."
-Ed Howdershelt (Author, 1940)
If we desire respect for the law, we must first make the law respectable.
- Louis D. Brandeis

--- SoupGate-Win32 v1.05
* Origin: fsxNet Usenet Gateway (21:1/5)

On 2/20/25 20:48, gene heskett wrote:

On 2/20/25 14:10, Marco Möller wrote:

To my understanding, it makes no sense to perform a TRIM on storage
which is a LUKS2 encyrypted LVM. The storage device should anyway
think that each bit is in use after it was filled with random data
when creating the space. Not only that I cannot imagine how the
storage device should Know what is happening in the encrypted space,
wouldn't it be a security issue if the OS would inform the storage
device about unused space and its location and could actually perform
some kind of a TRIM?

Am I wrong?

Yes. Generally speaking, all file systems know exactly whats in use,
they have to, otherwise they would randomly overwrite another file, The encryption is only for the data in that allocated space. The file system knows nothing about that data

If I am right, then, and assuming that TRIM is done by a command
called fstrim, is there a simple command by which I could search
through all cron entries if fstrim would somewhere be defined to
become executed?


.

Cheers, Gene Heskett, CET.

So, the other way round, having a LUKS2 partition and then LVM in it,
that would be the one where TRIM wouldn't make sense? But would be safer
in terms of "hiding" data from spying eyes?

--- SoupGate-Win32 v1.05
* Origin: fsxNet Usenet Gateway (21:1/5)

On 2/20/25 15:29, Marco Möller wrote:

On 2/20/25 20:48, gene heskett wrote:

On 2/20/25 14:10, Marco Möller wrote:

To my understanding, it makes no sense to perform a TRIM on storage
which is a LUKS2 encyrypted LVM. The storage device should anyway
think that each bit is in use after it was filled with random data
when creating the space. Not only that I cannot imagine how the
storage device should Know what is happening in the encrypted space,
wouldn't it be a security issue if the OS would inform the storage
device about unused space and its location and could actually
perform some kind of a TRIM?

Am I wrong?

Yes. Generally speaking, all file systems know exactly whats in use,
they have to, otherwise they would randomly overwrite another file,
The encryption is only for the data in that allocated space. The file
system knows nothing about that data

If I am right, then, and assuming that TRIM is done by a command
called fstrim, is there a simple command by which I could search
through all cron entries if fstrim would somewhere be defined to
become executed?


.

Cheers, Gene Heskett, CET.

So, the other way round, having a LUKS2 partition and then LVM in it,
that would be the one where TRIM wouldn't make sense? But would be
safer in terms of "hiding" data from spying eyes?

I have zero experience with either. I would say that each likely adds
another layer of complexity, with an accompanying increase in processing
time to decode and make it useful. That in itself might figure into how difficult it is to gain useful access. I should correct the above
previous statement to declare the file system must know the size of the
file in addition to it location on the media, so it knows where to stop reading.

.

Cheers, Gene Heskett, CET.
--
"There are four boxes to be used in defense of liberty:
soap, ballot, jury, and ammo. Please use in that order."
-Ed Howdershelt (Author, 1940)
If we desire respect for the law, we must first make the law respectable.
- Louis D. Brandeis

--- SoupGate-Win32 v1.05
* Origin: fsxNet Usenet Gateway (21:1/5)

On Thu, 20 Feb 2025 14:48:21 -0500
gene heskett <gheskett@shentel.net> wrote:

Generally speaking, all file systems know exactly whats in use,
they have to, otherwise they would randomly overwrite another file,
The encryption is only for the data in that allocated space. The file
system knows nothing about that data

Well, one could look to see what fstrim actually does.

root@hawk:/crc/backs/myob/scripts# journalctl -b | grep -i fstrim
Feb 09 14:36:02 hawk systemd[1]: Started fstrim.timer - Discard unused blocks once a week.
Feb 10 01:02:41 hawk systemd[1]: Starting fstrim.service - Discard unused blocks on filesystems from /etc/fstab...
Feb 10 01:02:50 hawk fstrim[16063]: /home: 13.9 GiB (14947983360 bytes) trimmed on /dev/mapper/hawk2021vg-hawk2021home
Feb 10 01:02:50 hawk fstrim[16063]: /boot/efi: 483.2 MiB (506621952 bytes) trimmed on /dev/sdb1
Feb 10 01:02:50 hawk fstrim[16063]: /boot: 323.8 MiB (339523584 bytes) trimmed on /dev/sdb2
Feb 10 01:02:50 hawk fstrim[16063]: /: 31.6 GiB (33911214080 bytes) trimmed on /dev/mapper/hawk2021vg-hawk2021root
Feb 10 01:02:50 hawk systemd[1]: fstrim.service: Deactivated successfully.
Feb 10 01:02:50 hawk systemd[1]: Finished fstrim.service - Discard unused blocks on filesystems from /etc/fstab.
Feb 17 01:13:30 hawk systemd[1]: Starting fstrim.service - Discard unused blocks on filesystems from /etc/fstab...
Feb 17 01:13:43 hawk fstrim[171705]: /home: 12 GiB (12930596864 bytes) trimmed on /dev/mapper/hawk2021vg-hawk2021home
Feb 17 01:13:43 hawk fstrim[171705]: /boot/efi: 483.2 MiB (506621952 bytes) trimmed on /dev/sdb1
Feb 17 01:13:43 hawk fstrim[171705]: /boot: 0 B (0 bytes) trimmed on /dev/sdb2 Feb 17 01:13:43 hawk fstrim[171705]: /: 31.9 GiB (34215677952 bytes) trimmed on /dev/mapper/hawk2021vg-hawk2021root
Feb 17 01:13:43 hawk systemd[1]: fstrim.service: Deactivated successfully.
Feb 17 01:13:43 hawk systemd[1]: Finished fstrim.service - Discard unused blocks on filesystems from /etc/fstab.
root@hawk:/crc/backs/myob/scripts#

It looks like fstrim operates on non-LUKS partitions (/, /boot/efi, and
/boot) and logical volumes in a LUKS volume groups which is encrypted
(/home).

--
Does anybody read signatures any more?

https://charlescurley.com
https://charlescurley.com/blog/

--- SoupGate-Win32 v1.05
* Origin: fsxNet Usenet Gateway (21:1/5)

On Thu, Feb 20, 2025 at 02:48:21PM -0500, gene heskett wrote:

On 2/20/25 14:10, Marco Möller wrote:

To my understanding, it makes no sense to perform a TRIM on storage
which is a LUKS2 encyrypted LVM. The storage device should anyway think that each bit is in use after it was filled with random data when
creating the space. Not only that I cannot imagine how the storage
device should Know what is happening in the encrypted space, wouldn't it
be a security issue if the OS would inform the storage device about
unused space and its location and could actually perform some kind of a TRIM?

Am I wrong?

Yes. Generally speaking, all file systems know exactly whats in use, they have to, otherwise they would randomly overwrite another file [...]

You are wrong here, Gene -- in a strangely indirect way.

encryption is only for the data in that allocated space. The file system knows nothing about that data

This is wrong when you have an encrypted block device, as is the case with LUKS. There, the file system sits "in" or "on top" of that block device and
has no say on the en- and decryption steps.

That means, of course, somewhat more inefficiency, but you are already paying quite a bit of that to keep privacy. The upside is that an external observer (even a malicious hard disk) don't get even to "see" which blocks have any
data in them).

Some day you should get a long sit down and try to pry those layers (block device, file system, etc.) apart. It's worth it.

This is, of course, different, if you have file-level encryption. This would sit "on top" of the file system (ISTR Ubuntu "sold" that for a while). But
why go with plastic calipers if you can get hold of metal ones?

Cheers
--
t

-----BEGIN PGP SIGNATURE-----

iF0EABECAB0WIQRp53liolZD6iXhAoIFyCz1etHaRgUCZ7gYnQAKCRAFyCz1etHa RrMMAJ93tL68x0WcxD8NIGPOZGNXD+FGwACggS8qyZl1Y79Gaa/uNDjphv1OhpA=
=2PzJ
-----END PGP SIGNATURE-----

--- SoupGate-Win32 v1.05
* Origin: fsxNet Usenet Gateway (21:1/5)

On 2/21/25 01:09, tomas@tuxteam.de wrote:

On Thu, Feb 20, 2025 at 02:48:21PM -0500, gene heskett wrote:

On 2/20/25 14:10, Marco Möller wrote:

To my understanding, it makes no sense to perform a TRIM on storage
which is a LUKS2 encyrypted LVM. The storage device should anyway think
that each bit is in use after it was filled with random data when
creating the space. Not only that I cannot imagine how the storage
device should Know what is happening in the encrypted space, wouldn't it >>> be a security issue if the OS would inform the storage device about
unused space and its location and could actually perform some kind of a
TRIM?

Am I wrong?

Yes. Generally speaking, all file systems know exactly whats in use, they
have to, otherwise they would randomly overwrite another file [...]

You are wrong here, Gene -- in a strangely indirect way.

encryption is only for the data in that allocated space. The file system
knows nothing about that data

This is wrong when you have an encrypted block device, as is the case with LUKS. There, the file system sits "in" or "on top" of that block device and has no say on the en- and decryption steps.

As I said, I know zip about LUKS.  If LUKS replaces the file system
(working under it or substituting for it) there still remains the
requirement that something knows where the file is, and how long it is.

That means, of course, somewhat more inefficiency, but you are already paying quite a bit of that to keep privacy. The upside is that an external observer (even a malicious hard disk) don't get even to "see" which blocks have any data in them).

my home net, is behind dd-wrt, in plain text. on an address block that
does not get thru a router. And in 30 years I have not been touched.

Did have a web page on this machine. but iptables grew to several
megabytes cuz every snooper on the planet downloaded the whole thing
non-stop, leaving me no bandwidth for my normal activities as they get
to the end of it and immediately start over, ignoring my robots.txt. So
a long list of them got blocked, then they started changing their
machines addy's so some got xx.yy.zz.aa/16 blockaids.

Maintaining that got to be a full time job. So when 2 new seagates
crashed at 2 weeks old, and I installed bookworm (a fuster cluck of 30+ installs) I lost the web page data and have not restarted it.

I need to as I now have a product to sell. But the cold spell in January
froze up the drain for my basement sump pump so I had up to 18" of water
in the basement for about 3 weeks before I got somebody to service it,
charging me about $1200 for a $50 sump pump. Lost my freezer and 400 lbs
of food, and still waiting on controller parts to fix my 3 year old
water heater.  But I won't rewrite my web page until trixie is working.  Boolworm makes me wait at least 30 seconds to open a file I own, and in
2+ years and 30 some installs, no one can tell me why . . .

|Some day you should get a long sit down and try to pry those layers (block

device, file system, etc.) apart. It's worth it.

This is, of course, different, if you have file-level encryption. This would sit "on top" of the file system (ISTR Ubuntu "sold" that for a while). But why go with plastic calipers if you can get hold of metal ones?

I have quite a selection of metal ones up to 300mm long. I have a garage
full of cnc'd machines I built.

What I need is a way to combine 20T of SSD's (5 identical 4T ssd's) into
one LVM partition, on an arm64 board running armbian jammie (or nobel)
for an amanda backup syetem for everything here. With a 1T 6th as a
holding disk.  That I could use some help with.

Thank you Tomas.

Cheers

Cheers, Gene Heskett, CET.
--
"There are four boxes to be used in defense of liberty:
soap, ballot, jury, and ammo. Please use in that order."
-Ed Howdershelt (Author, 1940)
If we desire respect for the law, we must first make the law respectable.
- Louis D. Brandeis

--- SoupGate-Win32 v1.05
* Origin: fsxNet Usenet Gateway (21:1/5)

On Fri, 21 Feb 2025 05:07:10 -0500
gene heskett <gheskett@shentel.net> wrote:

my home net, is behind dd-wrt, in plain text. on an address block
that does not get thru a router. And in 30 years I have not been
touched.

LUKS addresses a completely different attack vector than network
intrusion. As long as the LUKS device is decrypted on a running
machine it is not much of a help. LUKS protects data during the
encrypted state, e.g. when a stolen laptop was in shutdown state
at that time, and it helps to protect data when disks are up to
renewal and someone else has got access to the older disks later.
Without LUKS the disk erasing process needs time and might well
be quiet expensive.
--
kind regards
Frank

-----BEGIN PGP SIGNATURE-----

iQGzBAEBCgAdFiEE86z15c6qwvuAkhy+zDIN/uu9BloFAme4X9cACgkQzDIN/uu9 BlpE4Av8DdWijpqZ/lJaLILROG2ZlekHLIXiapxPjpj+Jlt00EdpM+KhM5dV1GF1 tS4ZkuljhjeMGQOkcCyV5Fj60oGZ9UNdNcbddxtUNX3IMLcywxZxzwNEI0xJvLGg 5f1WyLrMvaOsCgQMlvr9mkQj0vWwnLmKThf23mbx//SRmtVZzrzQSo/xYb8HA0lk AtVsQruo6eNvpPj3Z0sXVxc2pWkGoHxX0xQX+95Sgw7UW2T6Zs/HhLoHBfG70e1+ iWU0kbGIcJ7wzOxJwhLO7ac3iZDnikYHcYNYe5bSIhyRblCK+ZOq11586pqSvoa/ KsoY3WpkkPLdX/ExVgI13Bv8KTDMmyDlRVOcPmSRBVjBee53F3IK1SYcxGX7SFvY MMFW+VCV4XDWpDO7c8yucZthJF7YZaU+9dpJMXo2NxI4V54+JwozQMSezPWeYcoN EeN8CWvrPX6GS56hEIvE+YR+YTUXCFxssesaCOExn2btr3/6ZkgFSdBUKNciB+T5
0fVp7qY2
=mXrD
-----END PGP SIGNATURE-----

--- SoupGate-Win32 v1.05
* Origin: fsxNet Usenet Gateway (21:1/5)

On Feb 21, 2025, Frank Guthausen wrote:

On Fri, 21 Feb 2025 05:07:10 -0500
gene heskett <gheskett@shentel.net> wrote:

my home net, is behind dd-wrt, in plain text. on an address block
that does not get thru a router. And in 30 years I have not been
touched.

LUKS addresses a completely different attack vector than network
intrusion. As long as the LUKS device is decrypted on a running
machine it is not much of a help. LUKS protects data during the
encrypted state, e.g. when a stolen laptop was in shutdown state
at that time, and it helps to protect data when disks are up to
renewal and someone else has got access to the older disks later.
Without LUKS the disk erasing process needs time and might well
be quiet expensive.

Yes and no with the erasure thing -- a handful of SSD options nowadays
do onboard / integral encryption, so "erasing" the drive is essentially
just "deleting the secret key"

But then again, SSDs are quite expensive per TiB if you're talking about
a storage array.

--
|_|O|_|
|_|_|O| Github: https://github.com/dpurgert
|O|O|O| PGP: DDAB 23FB 19FA 7D85 1CC1 E067 6D65 70E5 4CE7 2860

-----BEGIN PGP SIGNATURE-----

iQIzBAEBCgAdFiEE3asj+xn6fYUcweBnbWVw5UznKGAFAme4bTUACgkQbWVw5Uzn KGDT3Q//TVM+AvgXWDNMClyA3EYxGxoYEK7aYS5aRMAeGqCG9QOf0bIcc5taYym9 SUneHLKQj/0BNn3DpS/FzgA7ilhgBH2fc+qPNiFh4XTHOQWKGQ01hj/vjZYhWY8N Re4gi7HvFBvxj/9+VY/eLaq6D1upEHMxl37yDlEjduB5cVa6Grlw7+YA+LfslL+1 lYj5t4OafmXSQfuW/1nBUk2rNvb0mT53fwTb29lqpl27l9VnflGSRPV1UfMBEzff uSaYgmiUuTIoAW83dipYFwe8z78NlMOtZdlfkAYIctvlUiA1m7Kx++DKVKmIS+iH V6WNjnTLperhaxw7LuoPFT1STD6lcQYK/9dj7t+Ced+qo//FKseApPeY+h+lMwEl uW/SvyfLSGwZwEJeh26p348qaH6sPVxtEPgBjw8yW5YCkiCVsGeqAaWlpDRfn7In SjW1hsKTRSgI/+wgfQ5JnVAPEJHnqHR8RAc2kxmbwvTsv7Hpdf+uNONhM93N76If jSevWAz3pI9yGo02cBqINz3EDKXaTn49oNc1endbB0vH1mxbIEV6zYFwV011Ddsu WRYmpdjzrGf7WM8qSmUBDOvwyFlaLurf1EVE1xYUtoP9Kq14DU/fO9XmQVh8eQMn zSLCMSCpjgy0brQFHIygjT2ed4hfgCJGWF4ff+9yDBK8wQZk628=
=gTLN
-----END PGP SIGNATURE-----

--- SoupGate-Win32 v1.05
* Origin: fsxNet Us

On 2/21/25 07:11, Dan Purgert wrote:

On Feb 21, 2025, Frank Guthausen wrote:

On Fri, 21 Feb 2025 05:07:10 -0500
gene heskett <gheskett@shentel.net> wrote:

my home net, is behind dd-wrt, in plain text. on an address block
that does not get thru a router. And in 30 years I have not been
touched.

LUKS addresses a completely different attack vector than network
intrusion. As long as the LUKS device is decrypted on a running
machine it is not much of a help. LUKS protects data during the
encrypted state, e.g. when a stolen laptop was in shutdown state
at that time, and it helps to protect data when disks are up to
renewal and someone else has got access to the older disks later.
Without LUKS the disk erasing process needs time and might well
be quiet expensive.

Yes and no with the erasure thing -- a handful of SSD options nowadays
do onboard / integral encryption, so "erasing" the drive is essentially
just "deleting the secret key"

But then again, SSDs are quite expensive per TiB if you're talking about
a storage array

So are spinning rust when it only lasts 2 weeks.  Seacrate has sold me
the last drive they'll ever sell me. Shingled, helium filled, 2T drives,
doomed when the helium escapes. They just disappeared off the end of the
sata cable. Same cable, plugged into an SSD is working perfectly over 2
years later. And working 4x faster.

Cheers, Gene Heskett, CET.

--
"There are four boxes to be used in defense of liberty:
soap, ballot, jury, and ammo. Please use in that order."
-Ed Howdershelt (Author, 1940)
If we desire respect for the law, we must first make the law respectable.
- Louis D. Brandeis

--- SoupGate-Win32 v1.05
* Origin: fsxNet Usenet Gateway (21:1/5)

On Feb 21, 2025, gene heskett wrote:

On 2/21/25 07:11, Dan Purgert wrote:

On Feb 21, 2025, Frank Guthausen wrote:

On Fri, 21 Feb 2025 05:07:10 -0500
gene heskett <gheskett@shentel.net> wrote:

my home net, is behind dd-wrt, in plain text. on an address block
that does not get thru a router. And in 30 years I have not been touched.

LUKS addresses a completely different attack vector than network intrusion. As long as the LUKS device is decrypted on a running
machine it is not much of a help. LUKS protects data during the encrypted state, e.g. when a stolen laptop was in shutdown state
at that time, and it helps to protect data when disks are up to
renewal and someone else has got access to the older disks later.
Without LUKS the disk erasing process needs time and might well
be quiet expensive.

Yes and no with the erasure thing -- a handful of SSD options nowadays
do onboard / integral encryption, so "erasing" the drive is essentially just "deleting the secret key"

But then again, SSDs are quite expensive per TiB if you're talking about
a storage array

So are spinning rust when it only lasts 2 weeks.  Seacrate has sold me the

Good thing "2 weeks" is well within a warranty period. Unless, of
course, that you opted to purchase old drives from somewhere.

--
|_|O|_|
|_|_|O| Github: https://github.com/dpurgert
|O|O|O| PGP: DDAB 23FB 19FA 7D85 1CC1 E067 6D65 70E5 4CE7 2860

-----BEGIN PGP SIGNATURE-----

iQIzBAEBCgAdFiEE3asj+xn6fYUcweBnbWVw5UznKGAFAme4khwACgkQbWVw5Uzn KGBd2xAAupjpoyaadCzyPHF/KLfyKS0CF/vf31RjDweUzMSefc0Llds+AzUCz2nR puSue9O/TFAVsYe9ZJCpAQHxNs3J00AWaEFspztutmTaiwOjUEV3ZfiSVanjFZps 6HGc4EJZrOXwJ2BGr+Ab5TcxK7fznWbcsBWoMq2jitivDcActBKAcP8iZCZew/oU 7skVnLRIOG5pIfl478zDELbusZlDovFNrxTN9g8QSOrYMWpvucroDb3yCaKVG7Ug uznfJhhYup/vXZVaDjaD7zWEe+/FjWcHV8wwTnz7CSp7p0HypDMguIwN51IaWz8g /Q9sAMQZp8Qzkty1+bA/P2ZsoS7TRjAVMaxPfAiPWbZs6zQ0Vl91+/bKNjo7RPk7 KUfIjCT+bpaPoac9XT6qrvH4tE59dEjHT6a0A7ZFpHCYUWt6UYi5wCdcyjs0XxRN 1iQGVJnwkKxb/rT5vraKPfgzdcvJRUD8xzP5HicjPd/EctUtVn/oEs7zNz46uRd+ V1ZXaIpWW0kNSlRRERAXHjgqJ9LEnRmONP7Kr9KqkHUwNpuYTAv5mON8m9s2Jrh0 vpSl9DqY9j0NxsqZuleG7UH2/B/s9IBnntxkE3AdHfb1444zruP2UDRJvzTrcUBE JBzAi7O0o61+xrG48KKyAjNbSWot347kVzV67eeQxMfXkArLass=
=qNBk
-----END PGP SIGNATURE-----

--- SoupGate-Win32 v1.05
* Origin: fsxNet Us

On Fri, Feb 21, 2025 at 09:29:32AM -0500, gene heskett wrote:

On 2/21/25 07:11, Dan Purgert wrote:

On Feb 21, 2025, Frank Guthausen wrote:

On Fri, 21 Feb 2025 05:07:10 -0500
gene heskett <gheskett@shentel.net> wrote:

[...]

So are spinning rust when it only lasts 2 weeks.  Seacrate has sold me the last drive they'll ever sell me. Shingled, helium filled, 2T drives, doomed when the helium escapes. They just disappeared off the end of the sata

are you sure? If I remember correctly Seagate Helium drives are all 10T and
up

cable. Same cable, plugged into an SSD is working perfectly over 2 years later. And working 4x faster.

Cheers, Gene Heskett, CET.

--
"There are four boxes to be used in defense of liberty:
soap, ballot, jury, and ammo. Please use in that order."
-Ed Howdershelt (Author, 1940)
If we desire respect for the law, we must first make the law respectable.
- Louis D. Brandeis

--
Henning Follmann | hfollmann@itcfollmann.com

--- SoupGate-Win32 v1.05
* Origin: fsxNet Usenet Gateway (21:1/5)

On 2/21/25 09:48, Dan Purgert wrote:

On Feb 21, 2025, gene heskett wrote:

On 2/21/25 07:11, Dan Purgert wrote:

On Feb 21, 2025, Frank Guthausen wrote:

On Fri, 21 Feb 2025 05:07:10 -0500
gene heskett <gheskett@shentel.net> wrote:

my home net, is behind dd-wrt, in plain text. on an address block
that does not get thru a router. And in 30 years I have not been
touched.

LUKS addresses a completely different attack vector than network
intrusion. As long as the LUKS device is decrypted on a running
machine it is not much of a help. LUKS protects data during the
encrypted state, e.g. when a stolen laptop was in shutdown state
at that time, and it helps to protect data when disks are up to
renewal and someone else has got access to the older disks later.
Without LUKS the disk erasing process needs time and might well
be quiet expensive.

Yes and no with the erasure thing -- a handful of SSD options nowadays
do onboard / integral encryption, so "erasing" the drive is essentially
just "deleting the secret key"

But then again, SSDs are quite expensive per TiB if you're talking about >>> a storage array

So are spinning rust when it only lasts 2 weeks.  Seacrate has sold me the

Good thing "2 weeks" is well within a warranty period. Unless, of
course, that you opted to purchase old drives from somewhere.

What would I do with 2 more identical drives doomed to go away as soon
as the helium leaves? I was upset and didn't bother trying to warranty
them. It just served the purpose of prodding me into converting 95% of
my systems here to SSD's, faster and many times more dependable although
I do have one .5T 870 samsung out of around 8 that is not too healthy,
around 5% of it has disappeared but it just keeps on working.  And 2,
250G drives in my cnc machinery that have well over 100k spinning hours
on them. Sweet spot for drive life I guess.

Thanks Dan

Cheers, Gene Heskett, CET.

--
"There are four boxes to be used in defense of liberty:
soap, ballot, jury, and ammo. Please use in that order."
-Ed Howdershelt (Author, 1940)
If we desire respect for the law, we must first make the law respectable.
- Louis D. Brandeis

--- SoupGate-Win32 v1.05
* Origin: fsxNet Usenet Gateway (21:1/5)

On 2/21/25 11:03, Henning Follmann wrote:

On Fri, Feb 21, 2025 at 09:29:32AM -0500, gene heskett wrote:

On 2/21/25 07:11, Dan Purgert wrote:

On Feb 21, 2025, Frank Guthausen wrote:

On Fri, 21 Feb 2025 05:07:10 -0500
gene heskett <gheskett@shentel.net> wrote:

[...]

So are spinning rust when it only lasts 2 weeks.  Seacrate has sold me the >> last drive they'll ever sell me. Shingled, helium filled, 2T drives, doomed >> when the helium escapes. They just disappeared off the end of the sata

are you sure? If I remember correctly Seagate Helium drives are all 10T and up

That was 2+ years ago, and 2T's were brand new.

cable. Same cable, plugged into an SSD is working perfectly over 2 years
later. And working 4x faster.

Cheers, Gene Heskett, CET.

--
"There are four boxes to be used in defense of liberty:
soap, ballot, jury, and ammo. Please use in that order."
-Ed Howdershelt (Author, 1940)
If we desire respect for the law, we must first make the law respectable.
- Louis D. Brandeis

Cheers, Gene Heskett, CET.
--
"There are four boxes to be used in defense of liberty:
soap, ballot, jury, and ammo. Please use in that order."
-Ed Howdershelt (Author, 1940)
If we desire respect for the law, we must first make the law respectable.
- Louis D. Brandeis

--- SoupGate-Win32 v1.05
* Origin: fsxNet Usenet Gateway (21:1/5)

On Fri, Feb 21, 2025 at 11:19:11AM -0500, gene heskett wrote:

On 2/21/25 11:03, Henning Follmann wrote:

On Fri, Feb 21, 2025 at 09:29:32AM -0500, gene heskett wrote:

On 2/21/25 07:11, Dan Purgert wrote:

On Feb 21, 2025, Frank Guthausen wrote:

On Fri, 21 Feb 2025 05:07:10 -0500
gene heskett <gheskett@shentel.net> wrote:

[...]

So are spinning rust when it only lasts 2 weeks.  Seacrate has sold me the
last drive they'll ever sell me. Shingled, helium filled, 2T drives, doomed
when the helium escapes. They just disappeared off the end of the sata

are you sure? If I remember correctly Seagate Helium drives are all 10T and up

That was 2+ years ago, and 2T's were brand new.

Sorry I think you get things mixed up again.

The first Helium filled drive from Seagate (or HGST) was announced over 10 years ago. At that time you already had 2T on the market for long time

In fact I have a 2T right here (just decommisioned) The date says 2016.
Since I tend to buy $cheapest/byte that should tell us in 2016 were very affordable and most likely not fresh on the market.

[...]

Cheers, Gene Heskett, CET.
--
"There are four boxes to be used in defense of liberty:
soap, ballot, jury, and ammo. Please use in that order."
-Ed Howdershelt (Author, 1940)
If we desire respect for the law, we must first make the law respectable.
- Louis D. Brandeis

--
Henning Follmann | hfollmann@itcfollmann.com

--- SoupGate-Win32 v1.05
* Origin: fsxNet Usenet Gateway (21:1/5)

That was 2+ years ago, and 2T's were brand new.

With a lot of emphasis on the "+" I guess, since I bought my first 2½"
2TB HDD in 2012.


Stefan

--- SoupGate-Win32 v1.05
* Origin: fsxNet Usenet Gateway (21:1/5)

Hi,

On Fri, Feb 21, 2025 at 10:11:59AM -0500, gene heskett wrote:

What would I do with 2 more identical drives doomed to go away as soon as
the helium leaves?

The magnets could augment a tin foil hat up to a whole new level of
safety; may even make the use of red SATA cables viable.

Thanks,
Andy

--
https://bitfolk.com/ -- No-nonsense VPS hosting

--- SoupGate-Win32 v1.05
* Origin: fsxNet Usenet Gateway (21:1/5)

On 2/21/25 18:42, Andy Smith wrote:

Hi,

On Fri, Feb 21, 2025 at 10:11:59AM -0500, gene heskett wrote:

What would I do with 2 more identical drives doomed to go away as soon as
the helium leaves?

The magnets could augment a tin foil hat up to a whole new level of
safety; may even make the use of red SATA cables viable.

That is a bit of a miss Andy, most would call that color red, but its
actually magenta and it is those that have a 2 or 3 year lifetime. Real
red, if you could find them, s/b fine. Mine are all black and now
several years old.

Thanks,
Andy

Cheers, Gene Heskett, CET.
--
"There are four boxes to be used in defense of liberty:
soap, ballot, jury, and ammo. Please use in that order."
-Ed Howdershelt (Author, 1940)
If we desire respect for the law, we must first make the law respectable.
- Louis D. Brandeis

--- SoupGate-Win32 v1.05
* Origin: fsxNet Usenet Gateway (21:1/5)

On 2/21/25 11:42, Stefan Monnier wrote:

That was 2+ years ago, and 2T's were brand new.

With a lot of emphasis on the "+" I guess, since I bought my first 2½"
2TB HDD in 2012.

Stefan

I was shopping in the 3.5" drives at newegg IIRC, 2T was the biggest,
and my 3rd woof died in 2020, and those were bought after she passed,
sometime in 2021 or 2022. For $129/copy IIRC.  They both just
disappeared off the end of a sata-iii cable within 36 hours of each
other with only 2 weeks spin time on them..  NOS for sure, marked as
made in 2014, so they were at least 7 damned years on somebody's shelf
when I bought the pair of them. But it took a 16mm projector lens to
read all that in the drive label. There was a time when seagate made
good hard drives. One of my cnc'd machines has a 250G in it, shut off
only for new installs, still running wheezy. No reallocated sectors, the
last time I looked, at probably 90K+ spinning hours its fine. I'd query
it, but smartctl seems to have been removed, so what now serves that
purpose of interrogating a drive on wheezy??  Thanks Stefan.

.

Cheers, Gene Heskett, CET.
--
"There are four boxes to be used in defense of liberty:
soap, ballot, jury, and ammo. Please use in that order."
-Ed Howdershelt (Author, 1940)
If we desire respect for the law, we must first make the law respectable.
- Louis D. Brandeis

--- SoupGate-Win32 v1.05
* Origin: fsxNet Usenet Gateway (21:1/5)

I've been buying Seagate 4TB EXOS SAS 'wiped' drives on ebay in box lots
of ten for $150 to $200. That's $15-$20 for a 4TB drive. The one box had
2 DOA drives, the rest are performing great. I have a dozen of these
running in a Dell R720XD Rack server (RAID controller reflashed; can't
think of the name of the site whose tutorial I followed.) Boot disk is
an intel 2.5" SATA 200GB SSD, also used, from ebay. That ~10 yr old
machine isn't as energy efficient as new hardware, but I'm not working
it hard and did not notice any definite change in the monthly
fluctuations in my power bill. If I run benchmarks on its (two sockets)
CPUs, its many fans rev and you'd think I have a drone flying in the
basement.

The first two months it was in operation I had several occasions with
two drives at a time falling out of the zpool, usually upon reboot. Was
able to 'dd' wipe the start and end of the dropped drives and 'zpool
replace' them back into the pool. Oddly, I had the same problem on a
different project where I installed four new 20TB WD Red Pro on a new
AsRock Rack mobo running Debian 12, headless. After two months and 3-4
HDD dropouts (always in pairs but not the same HDDs each time), things stabilized and have been running solid since. Throughout all that, the
zpool always retained some redundancy. The nfs share never glitched,
except in the new setup they had a failing client spamming the nfs
server and collapsing it with kernel panic. That stopped when I removed
their funky client machine.

Downside is these are SAS drives so non-server hardware needs PCIe card
and SAS cables like:

https://www.amazon.com/OIKWAN-Mini-SAS-SAS-Cable-Connector-SATA-Power/dp/B0CNPQTCS7

https://www.ebay.com/itm/194910024856

My first two SAS drives I hand wired the power adapters (SATA -> SAS)
because I didn't have the right adapters on hand. Switched the machine
on and got a loud buzz and lots of smoke somewhere out of the HDDs.
Thankfully my pc was non the worse for it, but I wrote "SMOKED" with a
black marker on those two HDDs and never tried powering them again.

Just now looked at smartctl numbers for the 12 HDDs, the newest one says
30K and the oldest 70K, spinning hours. I've spun them some 6K hours
since I bought them. Mfr. date reported from 2013 to 2018. One of them
has always reported 3 re-allocated sectors, so what, this is RAIDz3, and
at my own risk. To date, all projects I sold to customers contained all
brand new drives.

On 2/22/25 06:29, gene heskett wrote:

On 2/21/25 11:42, Stefan Monnier wrote:

That was 2+ years ago, and 2T's were brand new.

With a lot of emphasis on the "+" I guess, since I bought my first 2½"
2TB HDD in 2012.


         Stefan

I was shopping in the 3.5" drives at newegg IIRC, 2T was the biggest,
and my 3rd woof died in 2020, and those were bought after she passed, sometime in 2021 or 2022. For $129/copy IIRC.  They both just
disappeared off the end of a sata-iii cable within 36 hours of each
other with only 2 weeks spin time on them..  NOS for sure, marked as
made in 2014, so they were at least 7 damned years on somebody's shelf
when I bought the pair of them. But it took a 16mm projector lens to
read all that in the drive label. There was a time when seagate made
good hard drives. One of my cnc'd machines has a 250G in it, shut off
only for new installs, still running wheezy. No reallocated sectors,
the last time I looked, at probably 90K+ spinning hours its fine. I'd
query it, but smartctl seems to have been removed, so what now serves
that purpose of interrogating a drive on wheezy??  Thanks Stefan.

.

Cheers, Gene Heskett, CET.

--
Thank You!

Titus Newswanger
Curtiss WI

--- SoupGate-Win32 v1.05
* Origin: fsxNet Usenet Gateway (21:1/5)

On Feb 22, 2025, gene heskett wrote:

On 2/21/25 11:42, Stefan Monnier wrote:

That was 2+ years ago, and 2T's were brand new.

With a lot of emphasis on the "+" I guess, since I bought my first 2½"
2TB HDD in 2012.

Stefan

I was shopping in the 3.5" drives at newegg IIRC, 2T was the biggest, and my 3rd woof died in 2020, and those were bought after she passed, sometime in 2021 or 2022. For $129/copy IIRC.  They both just disappeared off the end of a sata-iii cable within 36 hours of each other with only 2 weeks spin time
on them..  NOS for sure, marked as made in 2014, so they were at least 7 damned years on somebody's shelf when I bought the pair of them. But it took

I've never seen newegg sell "new" stock that's that old (in terms of manufactured date) . Sounds like you bought "used" stock off their
marketplace ...

--
|_|O|_|
|_|_|O| Github: https://github.com/dpurgert
|O|O|O| PGP: DDAB 23FB 19FA 7D85 1CC1 E067 6D65 70E5 4CE7 2860

-----BEGIN PGP SIGNATURE-----

iQIzBAEBCgAdFiEE3asj+xn6fYUcweBnbWVw5UznKGAFAme5+iUACgkQbWVw5Uzn KGDyGg//SfkBDpREIlldHz4iIYgCf8EK1Sp5vdtFijy9LguIYU5UPr7pP8GnkUsw NnxhnqHjPXt398pn7k90j1PLgW2JXVbSu03jW+p5aR7tfXyocspYNcrmwpD3Wxb4 1zVWiXijw6sjdLTVYUJi4GWk2s+IONpSDqIUClpSGIIyerJCy4VrUNddHLgUxPfk RFP1nnE6DaGBrIhc58INrkP7hr5Xg+Z0B16YCs2TpHu78hb1znLna317WsxwxJ3t B8cyZWYUlVm6L2IkpPpCrAjAp4S+56/gw4r0dKBf00PBUjIAY7ecO9irMZi5K8kM jqKNCQ71sRQw1G4nTYeCX0sfRGinYwfVVn6z9eoTs2CZO0JVMkjeTzpLhM8MXOAH m8+rWmh+jZ2XVfx+P+iOhgGCgcRlfOjTXEPORhAwRTvF0700jXAR22wAnMbJOxgL tjgoZkqL/X3gZrCN9PqVp8H75ualZr49V2Bp18ytkO1pLmXv/DoeayfR6PlGPbqs KIysIIt+WwCWTJA57A6ErguboJCSuPjPMBd/XJn8hqlolc7t7cq+c/c8738Aqpjb ud2wlbqAHIZQI8F80dFco5ymXMsjS8bdpZRS+U1sBSfMcTNMRY7eXiCADCGu5EWC JB+hlVs0SBGPeWHefNgPxFc8DnUKgn6OsHfmQ1k4qT9/Kc9+Rqc=
=r+tY
-----END PGP SIGNATURE-----

--- SoupGate-Win32 v1.05
* Origin: fsxNet Us

On 2/22/25 11:24, Dan Purgert wrote:

On Feb 22, 2025, gene heskett wrote:

On 2/21/25 11:42, Stefan Monnier wrote:

That was 2+ years ago, and 2T's were brand new.

With a lot of emphasis on the "+" I guess, since I bought my first 2½"
2TB HDD in 2012.


Stefan

I was shopping in the 3.5" drives at newegg IIRC, 2T was the biggest, and my >> 3rd woof died in 2020, and those were bought after she passed, sometime in >> 2021 or 2022. For $129/copy IIRC.  They both just disappeared off the end of
a sata-iii cable within 36 hours of each other with only 2 weeks spin time >> on them..  NOS for sure, marked as made in 2014, so they were at least 7
damned years on somebody's shelf when I bought the pair of them. But it took

I've never seen newegg sell "new" stock that's that old (in terms of manufactured date) . Sounds like you bought "used" stock off their marketplace ...

That is possible, but they looked pristine.

Cheers, Gene Heskett, CET.
--
"There are four boxes to be used in defense of liberty:
soap, ballot, jury, and ammo. Please use in that order."
-Ed Howdershelt (Author, 1940)
If we desire respect for the law, we must first make the law respectable.
- Louis D. Brandeis

--- SoupGate-Win32 v1.05
* Origin: fsxNet Usenet Gateway (21:1/5)

On 2/23/25 00:00, David Wright wrote:

On Sat 22 Feb 2025 at 07:29:15 (-0500), gene heskett wrote:
[ … ]

read all that in the drive label. There was a time when seagate made
good hard drives. One of my cnc'd machines has a 250G in it, shut off
only for new installs, still running wheezy. No reallocated sectors,
the last time I looked, at probably 90K+ spinning hours its fine. I'd
query it, but smartctl seems to have been removed, so what now serves
that purpose of interrogating a drive on wheezy??

I don't think so, unless you removed it yourself:

$ ls -Glg smartmontools_5.41+svn3365-1_amd64.deb
-rw-r----- 1 578692 Jun 19 2011 smartmontools_5.41+svn3365-1_amd64.deb
$ md5sum smartmontools_5.41+svn3365-1_amd64.deb
603319007d32d580b19c065bfe34b7b7 smartmontools_5.41+svn3365-1_amd64.deb
$

was just downloaded from:

http://archive.debian.org/debian/pool/main/s/smartmontools/

[ ] smartmontools_5.41+svn3365-1+b1_kfreebsd-amd64.deb 2012-02-15 01:05 550K
[ ] smartmontools_5.41+svn3365-1+b1_kfreebsd-i386.deb 2012-02-14 22:21 550K
[ ] smartmontools_5.41+svn3365-1.debian.tar.gz 2011-06-19 15:48 38K
[TXT] smartmontools_5.41+svn3365-1.dsc 2011-06-19 15:48 1.5K
[ ] smartmontools_5.41+svn3365-1_amd64.deb 2011-06-19 16:18 565K
[ ] smartmontools_5.41+svn3365-1_armel.deb 2011-06-19 16:19 544K
[ ] smartmontools_5.41+svn3365-1_armhf.deb 2011-12-07 15:16 529K
[ ] smartmontools_5.41+svn3365-1_i386.deb 2011-06-19 15:48 567K
[ ] smartmontools_5.41+svn3365-1_ia64.deb 2011-06-19 16:19 682K
[ ] smartmontools_5.41+svn3365-1_mips.deb 2011-06-19 16:19 567K
[ ] smartmontools_5.41+svn3365-1_mipsel.deb 2011-06-20 07:34 561K
[ ] smartmontools_5.41+svn3365-1_powerpc.deb 2011-06-19 16:19 575K
[ ] smartmontools_5.41+svn3365-1_s390.deb 2011-06-19 16:19 568K
[ ] smartmontools_5.41+svn3365-1_s390x.deb 2011-12-02 00:15 576K
[ ] smartmontools_5.41+svn3365-1_sparc.deb 2011-06-19 16:19 567K
[ ] smartmontools_5.41+svn3365.orig.tar.gz 2011-06-19 15:48 631K

Take your pick.

Cheers,
David.

.

Something seems to have removed it, but it does re-install okay but

I get wildly different, and confusing readings for some things:

Power_On_hours I think has rolled over at 100000, while head

flying hours is a much much larger figure that doesn't make sense:

  5 Reallocated_Sector_Ct   0x0033   100   100   036 Pre-fail    Always       -       0

  9 Power_On_Hours           0x0032   060   011   000 Old_age  
Always       -       35517

12 Power_Cycle_Count       0x0032   100   100   020    Old_age Always       -       239
240 Head_Flying_Hours       0x0000   100   253   000    Old_age Offline      -       114378h+51m+54.298s

This after doing a -t long yesterday. First time in several years. There
is a

900WA ups on that machine for about 4 years now, holds up well while

the 20kw kohler in the back yard is getting spun up, takes 5 or 6 seconds.

Make sense out of that if you can. I'd assume head flying hours would

closely match POH  if a 1 was added in front of POH, but that doesn't fit

by quite a lengthy row of apple trees. In any context, that drive is
healthy.

Cheers, Gene Heskett, CET.
--
"There are four boxes to be used in defense of liberty:
soap, ballot, jury, and ammo. Please use in that order."
-Ed Howdershelt (Author, 1940)
If we desire respect for the law, we must first make the law respectable.
- Louis D. Brandeis

--- SoupGate-Win32 v1.05
* Origin: fsxNet Usenet Gateway (21:1/5)

On 2/25/25 19:47, David Wright wrote:

On Sun 23 Feb 2025 at 09:47:41 (-0500), gene heskett wrote:

On 2/23/25 00:00, David Wright wrote:

On Sat 22 Feb 2025 at 07:29:15 (-0500), gene heskett wrote:
[ … ]

read all that in the drive label. There was a time when seagate made
good hard drives. One of my cnc'd machines has a 250G in it, shut off
only for new installs, still running wheezy. No reallocated sectors,
the last time I looked, at probably 90K+ spinning hours its fine.

http://archive.debian.org/debian/pool/main/s/smartmontools/

[ ] smartmontools_5.41+svn3365-1+b1_kfreebsd-amd64.deb 2012-02-15 01:05 550K
[ ] smartmontools_5.41+svn3365-1+b1_kfreebsd-i386.deb 2012-02-14 22:21 550K
[ ] smartmontools_5.41+svn3365-1.debian.tar.gz 2011-06-19 15:48 38K
[TXT] smartmontools_5.41+svn3365-1.dsc 2011-06-19 15:48 1.5K
[ ] smartmontools_5.41+svn3365-1_amd64.deb 2011-06-19 16:18 565K
[ ] smartmontools_5.41+svn3365-1_armel.deb 2011-06-19 16:19 544K
[ ] smartmontools_5.41+svn3365-1_armhf.deb 2011-12-07 15:16 529K
[ ] smartmontools_5.41+svn3365-1_i386.deb 2011-06-19 15:48 567K
[ ] smartmontools_5.41+svn3365-1_ia64.deb 2011-06-19 16:19 682K
[ ] smartmontools_5.41+svn3365-1_mips.deb 2011-06-19 16:19 567K
[ ] smartmontools_5.41+svn3365-1_mipsel.deb 2011-06-20 07:34 561K
[ ] smartmontools_5.41+svn3365-1_powerpc.deb 2011-06-19 16:19 575K
[ ] smartmontools_5.41+svn3365-1_s390.deb 2011-06-19 16:19 568K
[ ] smartmontools_5.41+svn3365-1_s390x.deb 2011-12-02 00:15 576K
[ ] smartmontools_5.41+svn3365-1_sparc.deb 2011-06-19 16:19 567K
[ ] smartmontools_5.41+svn3365.orig.tar.gz 2011-06-19 15:48 631K

(Aside to Gene's fan: the list lacks aarch64, aka arm64,
because that architecture was introduced in jessie (8).)

Something seems to have removed it, but it does re-install okay but
I get wildly different, and confusing readings for some things:

Power_On_hours I think has rolled over at 100000, while head
flying hours is a much much larger figure that doesn't make sense:

  5 Reallocated_Sector_Ct   0x0033   100   100   036 Pre-fail
Always       -       0
  9 Power_On_Hours           0x0032   060   011   000 Old_age
Always       -       35517
12 Power_Cycle_Count       0x0032   100   100   020    Old_age
Always       -       239
240 Head_Flying_Hours       0x0000   100   253   000    Old_age
Offline      -       114378h+51m+54.298s

Staggering precision there! But as 114378 hours represents about
13 years, that could be a realistic time, don't you think?

Sounds about right, but doesn't jib with POH, hence my remark about
overflow. Somewhere along that line of thinking, ISTR applying a patch
to that drive from a seagate dl when it was younger, which may have
putzed with the POH. Maybe. Details lost in the fog of time.

I'd assume head flying hours would
closely match POH  if a 1 was added in front of POH, but that doesn't fit

I've not seen posted a POH line like that before, with 060 and 011
not being identical numbers. But as the Threshold is 000, then
both Value and Worst can never be less than that, obviously. But
interpreting those particular values really is above my paygrade.

Mine too.  Thanks David.

Cheers,
David.

.

Cheers, Gene Heskett, CET.
--
"There are four boxes to be used in defense of liberty:
soap, ballot, jury, and ammo. Please use in that order."
-Ed Howdershelt (Author, 1940)
If we desire respect for the law, we must first make the law respectable.
- Louis D. Brandeis

--- SoupGate-Win32 v1.05
* Origin: fsxNet Usenet Gateway (21:1/5)