What is the performance overhead of encrypted /home?

performance encryption

Solution 1:

I have been using the encrypted home directory feature for years and I can tell you that while it behaves fine under normal circumstances it will bring your machine to its knees when doing any kind of intense file operations.

I have a quad-core Pentium i7 with 16GB of RAM from System7. By any measure it is a lightening fast laptop with a SATA 7200 RPM drive. Just today when I was unzipping a file with 20,000 small text files in it (take 10 minutes), my system is essentially unusable. Everything that touches the file system has a 1-2 second delay...including the web browser. My experience is exactly that of the OP -- the encrypted home directory is about 15x slower than unencrypted.

I didn't think anything about it because I am so used to it (this is my 4th laptop). On the wild chance that somebody has a tip on how to improve it, I thought I'd search here.

I encrypt my home directory because I HAVE to. If you don't have to...then don't.

Solution 2:

dd is NOT a good way to measure HD performance. There are to many variables involved and any good test would need to be done numerious times anyway.

Encryption generates an overhead especially on the "lesser" cpu's that are in netbooks. They are cheaper for a reason after all.

While I do not have data on drive encryption, I did do tests on https vs http for a webserver and the cost is substantial but not lethal. HOWEVER, your home dir tends to be a mess with programs writing to their hidden directories at random constantly. See Firefox for one bad boy in this regard. This is a constant slight slow down on a netbook that is already slower and often as standard has a slow HD.

Run it again with bonnie++ another user recommended but this time, do it with TWO different users, one with an encrypted HD, the other without. Make sure both home dirs are filled the same.

That gives you a far more accurate test. I would not be suprised to see about 20% performance hit or more. That is what my web server did when asked to encrypt everything it put out. And you are reading and writing encrypted data.

Solution 3:

While encryption for sure will add overhead, encrypting the home partition should not have a big impact on your system's performance. Most of the programs you run are read brom /bin or /usr, and most of the regular system writing is in /var or /tmp.

Only your user files are in /home, so you will see impact if processing large files, which I usually put on separate partition anyway, keeping my home for documents only.

Related

Is using Software Updater the same thing as running apt-get update and apt-get upgrade?
How can I install and use gcc 6 on xenial? [duplicate]
92% of syslog is filled with message regarding 'ureadahead' ignoring relative path
How to safely try KDE?
Is there a way to store the current desktop layout?
What does the "-" in "bash -" mean?
What is the difference between sudo apt-get install and sudo apt install
What is the difference between x86_64 amd64 and 64 bit?
Filesystem shows /dev/nvme0n1p1 instead of /dev/sda [duplicate]
How to force installation of kernel updates when using apt-get upgrade?
cp - cannot create regular file : permission denied
What package is right for my computer?