Recent GELI additions.
Iñigo Ortiz de Urbina
inigoortizdeurbina at gmail.com
Sun Sep 26 17:22:14 UTC 2010
Indeed, truly impressive work. geli makes encryption a bliss :)
Thank you very much pjd@!
On 9/25/10, Pawel Jakub Dawidek <pjd at freebsd.org> wrote:
> Hi.
>
> I'd like to inform about three new features in GELI available in HEAD:
>
> 1. AES-XTS encryption. XTS mode is a standard that is recommended these
> days for storage encryption. This is the default now. AES-XTS support
> was also added to opencrypto framework and aesni(4) driver.
>
> 2. Multiple encryption keys. GELI will use one encryption key for at
> most 2^20 blocks (sectors), as it is not recommended to use the same
> encryption key for too much data. It generates keys array from the
> master key on attach and uses it accordingly. This is the default now.
>
> 3. Passphrase can now be loaded from a file (-J and -j options).
>
> --
> Pawel Jakub Dawidek http://www.wheelsystems.com
> pjd at FreeBSD.org http://www.FreeBSD.org
> FreeBSD committer Am I Evil? Yes, I Am!
>
More information about the freebsd-security
mailing list