GELI XTS
grarpamp
grarpamp at gmail.com
Sun Oct 17 23:24:34 UTC 2010
Is this headed/ready for RELENG_8?
Will be initializing a good sized pile of disk before long and was
hoping to go with XTS, etc.
Also, in general, is there any sort of third party crypto/implementation
review on geli and the related kernel crypto bits?
Thanks.
/head/sys/geom/eli/g_eli_crypto.c
...
Revision 213070 etc
Modified Thu Sep 23 11:58:36 2010 UTC (3 weeks, 3 days ago) by pjd
Add support for AES-XTS. This will be the default now.
Implement switching of data encryption key every 2^20 blocks.
This ensures the same encryption key won't be used for more than
2^20 blocks (sectors). This will be the default now.
MFC after: 1 week
/head/sbin/geom/class/eli/geom_eli.c
/head/sbin/geom/class/eli/geli.8
...
Revision 213172 etc
Modified Sat Sep 25 17:38:57 2010 UTC (3 weeks, 1 day ago) by pjd
- Add support for loading passphrase from a file (-J and -j options).
This is especially useful for things like installers, where regular
geli prompt can't be used.
- Add support for specifing multiple -K or -k options, so there is no
need to cat all keyfiles and read them from standard input.
MFC after: 2 weeks
More information about the freebsd-geom
mailing list