C.4.2. Optional: Fill the device with random data
Filling <device> (eg: /dev/sda3
) with random data before encrypting it greatly increases the strength of the encryption. The downside is that it can take a very long time.
The commands below will destroy any existing data on the device.
The best way, which provides high quality random data but takes a long time (several minutes per gigabyte on most systems):
dd if=/dev/urandom of=<device>
Fastest way, which provides lower quality random data:
badblocks -c 10240 -s -w -t random -v <device>