TRIM on an encrypted SSD

encryption ssd trim
21,015

Solution 1

Ubuntu 11.10 Oneiric does not ship with cryptsetup 1.4, although Precise does. I don't know whether cryptsetup can be upgraded on Oneiric or not. Since Precise will be released in a month, you can also wait for that release before considering TRIM with encrypted partitions. The kernel can always be upgraded afterwards.

From http://code.google.com/p/cryptsetup/wiki/Cryptsetup140:

Support --allow-discards option to allow discards/TRIM requests.

Since kernel 3.1, dm-crypt devices optionally (not by default) support block discards (TRIM) commands.

If you want to enable this operation, you have to enable it manually on every activation using --allow-discards 

cryptsetup luksOpen --allow-discards /dev/sdb test_disk

WARNING: There are several security consequences, please read at least http://asalor.blogspot.com/2011/08/trim-dm-crypt-problems.html before you enable it.

As you can see, this feature is not enabled by default because of the degraded security as mentioned in the linked blog. So, if you use cryptsetup on kernel 3.0 (the one shipped with Precise), you won't have TRIM support on your encrypted partitions. After upgrading to 3.1+, you still don't have unless you enable it.

To do so, you have to edit /etc/crypttab after installation (not sure if it's possible during installation) and add the discard option. See also crypttab(5).

Solution 2

I have posted a step by step guide to enabling TRIM with LUKS encrypted partitions in Ubuntu 12.04 or any Debian with cryptsetup 1.4+ and Kernel 3.1+. (Feel free to copy it here if some askubuntu guidelines deem it necessary.)

Find the Howto here:

http://worldsmostsecret.blogspot.com/2012/04/how-to-activate-trim-on-luks-encrypted.html

Share:
21,015

Related videos on Youtube

user50910
Author by

user50910

Updated on September 18, 2022

Comments

  • user50910
    user50910 over 1 year

    wiki.ubuntuusers.de says if I want to use TRIM on an encrypted SSD, I need at least cryptsetup 1.4 and kernel 3.1. Do I need this, when creating the partitions and setting up encryption, or is upgrading afterwards enough?

  • don.joey
    don.joey over 5 years
    Excellent write up in the link. Thanks. Works on 18.04 as well.
  • Filbuntu
    Filbuntu over 4 years
    @don.joey and nem75: Is TRIM still needed with SSDs (LVM & LUKS) nowadays?

Recents

Why Is PNG file with Drop Shadow in Flutter Web App Grainy?
How to troubleshoot crashes detected by Google Play Store for Flutter app
Cupertino DateTime picker interfering with scroll behaviour
Why does awk -F work for most letters, but not for the letter "t"?
Flutter change focus color and icon color but not works
How to print and connect to printer using flutter desktop via usb?
Critical issues have been reported with the following SDK versions: com.google.android.gms:play-services-safetynet:17.0.0
Flutter Dart - get localized country name from country code
navigatorState is null when using pushNamed Navigation onGenerateRoutes of GetMaterialPage
Android Sdk manager not found- Flutter doctor error
Flutter Laravel Push Notification without using any third party like(firebase,onesignal..etc)
How to change the color of ElevatedButton when entering text in TextField

Related

Disable TRIM to avoid file system corruption
Are features like Trim for SSD's Included for 16.04?
On Ubuntu 16.04, with Samsung 850 EVO SSD, is any post configuration needed?
Does the mpt2sas driver support TRIM?
Where can the last FSTrim be seen as successful or not? (log files)
How to check if TRIM is working for an encrypted volume?
cryptsetup warning message about swap file
Is enabling TRIM on an encrypted SSD a security risk?
How do I dual boot with Windows+BitLocker, and with encryption for Ubuntu, over 2 drives?
Should I turn on zfs-trim on my pools or should I trim on a schedule using systemd timers or cron?