gptzfsboot targeting wrong vdev
Christian Kratzer
ck-lists at cksoft.de
Tue Jul 14 18:14:07 UTC 2020
Hi,
On Mon, 13 Jul 2020, Allan Jude wrote:
<snipp/>
> So are your SLOG devices not encrypted? That seems like an oversight,
> since any synchronous writes will be written to the SLOG first.
yes the slog devices are not encrypted. And /boot/keys contains the keys.
All of the above are on the ada0, ada1 m2 ssd devices.
The main threat scenario I am protecting against is disposal of end of
live or broken disks in the main pool.
If I wanted to protect ada0/1 I would need to fall back to booting from
a separate external devices again that also includes the keys.
Greetings
Christian
--
Christian Kratzer CK Software GmbH
Email: ck at cksoft.de Wildberger Weg 24/2
Phone: +49 7032 893 997 - 0 D-71126 Gaeufelden
Fax: +49 7032 893 997 - 9 HRB 245288, Amtsgericht Stuttgart
Mobile: +49 171 1947 843 Geschaeftsfuehrer: Christian Kratzer
Web: http://www.cksoft.de/
More information about the freebsd-fs
mailing list