Do you recommend LUKS encryption on a SSD (TRIM support)?

ssd luks trim
20,923

Solution 1

TRIM does not work for LUKS encrypted partitions because the data being written on the disk is encrypted, even if a block is "empty" according to the filesystem. From cryptsetup 1.4 and later (supplied with 12.04 Precise) and Linux 3.1 (not supplied with Precise), TRIM can be enabled (it is not enabled by default for security reasons). See also TRIM on an encrypted SSD

If you begin to notice a big performance decrease, you should consider backing up the data, clearing your SSD and put the data back. (this may be a reinstall too)

Whether TRIM is supported or not for LUKS encrypted partitions, I'd certainly enable it unless your data isn't worth anything.

Solution 2

LUKS does not allow TRIM by befault, because of security concerns.

Given the right versions of kernel and cryptsetup you can enable it though, either manually or on boot.

I have posted a step by step guide to enabling TRIM with LUKS encrypted partitions in Ubuntu 12.04 or any Debian with cryptsetup 1.4+ and Kernel 3.1+. (Feel free to copy it here if some askubuntu guidelines deem it necessary.)

Solution 3

It is possible to trim it manually with fstrim tool if everything configured correctly (subject is covered in various howtos). Aside "trim" support, speed decreases dramatically so advantages on using ssd with luks are questionable.

Solution 4

See the "--allow-discards" option in the cryptsetup(8) man page and the "discard" option in the crypttab(5) man page.

Share:
20,923

Related videos on Youtube

user24222
Author by

user24222

Updated on September 18, 2022

Comments

  • user24222
    user24222 over 1 year

    I have a laptop (Dell Inspiron 11z) and and SSD (Samsung 128GB) on order. On my current laptop, I have a spinning HDD and use LVM and LUKS encryption.

    I would like to use LUKS on the SSD but from doing a bit of research I am not sure if this is desirable/possible. It seems that LUKS (possibly???) may prevent TRIM from working.

    I can't find any concrete info on this and lots of the info on SSDs such as alignment etc seems to be out of date.

    Will TRIM work with LUKS? Because a laptop may be prone to theft, I like to have my data properly encrypted so this is important to me

    • htorque
      htorque over 12 years
      Just FYI: the absence of TRIM commands doesn't affect all SSD in the same way, eg. SandForce controller based SSD don't take a big hit if there's no TRIM.

Recents

Why Is PNG file with Drop Shadow in Flutter Web App Grainy?
How to troubleshoot crashes detected by Google Play Store for Flutter app
Cupertino DateTime picker interfering with scroll behaviour
Why does awk -F work for most letters, but not for the letter "t"?
Flutter change focus color and icon color but not works
How to print and connect to printer using flutter desktop via usb?
Critical issues have been reported with the following SDK versions: com.google.android.gms:play-services-safetynet:17.0.0
Flutter Dart - get localized country name from country code
navigatorState is null when using pushNamed Navigation onGenerateRoutes of GetMaterialPage
Android Sdk manager not found- Flutter doctor error
Flutter Laravel Push Notification without using any third party like(firebase,onesignal..etc)
How to change the color of ElevatedButton when entering text in TextField

Related

How to check if TRIM is working for an encrypted volume?
Does LUKS encryption affect TRIM? (SSD and linux)
Disable TRIM to avoid file system corruption
Are features like Trim for SSD's Included for 16.04?
On Ubuntu 16.04, with Samsung 850 EVO SSD, is any post configuration needed?
Does the mpt2sas driver support TRIM?
Where can the last FSTrim be seen as successful or not? (log files)
Should I turn on zfs-trim on my pools or should I trim on a schedule using systemd timers or cron?
TRIM on an encrypted SSD
fstrim does not work