Maximum secure filesystem-size with geli
Christian Baer
christian.baer at uni-dortmund.de
Sun Apr 17 21:45:08 UTC 2011
On 17.04.2011 19:16, Pawel Jakub Dawidek wrote:
> Recent GELI uses one key for every 2^20 sectors, so no more than
> (2^20)*sectorsize bytes is encrypted using one key, so file system size
> should not be an issue.
Hmm, then I guess it was a good idea to update from 8.0 before I set up
the new drive. :-) Thank you for the infomation so far!
This however makes another question arise:
Is there some recommendation on the ratio between geli's -s option and
the options -b and -f of newfs (I don't think -i option is important to
geli)?
Basicly: If I use different block sizes for the file system (in my case
much larger than the default), would it be a good idea to use the same
size as geli's sector size? If so, which sizes should be the same?
Sector size (geli) and blocksize or frag size (newfs). I intend to use UFS.
Best regards and good night!
Chris
More information about the freebsd-geom
mailing list