Encrypted zfs?
Christian Walther
cptsalek at gmail.com
Mon Aug 27 03:48:11 PDT 2007
Hello list,
I'm currently using a zraid consisting of three drives. Lately I wonder
what the best way would be to encrypt it.
I read the chapter dealing with disk encryption in the handbook, and
decided to use GELI. Is there anyone here on the list who has some
experiences with ZFS on encrypted GELI devices? Are there some
performance specs around?
And what is even more important: What is the best of moving the zraid to
encrypted devices?
I can't remove one of the disks because they are in use. So I figure one
way would be to buy another disk, set up encryption and add it to the
pool. I could then remove one disk after the other, encrypt it, remove
the (now broken one) from the zpool, and add the newly encrypted device.
Since buying disks costs money I wonder how save it would be to follow
this procedure without adding a new disk. From my point of view I'll
loose redundancy as soon as I remove one of the three disks. But is
there another problem or something dangerous I don't see her?
Regards
Christian
More information about the freebsd-current
mailing list