geli + journal
RW
rwmaillists at googlemail.com
Mon Nov 14 23:51:02 UTC 2011
On Tue, 15 Nov 2011 00:06:00 +0200
Коньков Евгений wrote:
>catch idea, but some question:
> in this situation .eli.journal journal device will not be encrypted?
> can you describe how data flow will be?
The journal is encrypted unless you choose to put it on a separate
non-encrypted device.
In principle the data is encrypted into the journal, decrypted from
the journal and then re-encrypted into its final location. In practice
I've found that in file copying between disks, writing uses about
twice as much cpu time as reading, so maybe the decryption from the
journal can be avoided by caching.
More information about the freebsd-questions
mailing list