HAST + GELI?
Chad J. Milios
milios at ccsys.com
Wed Jan 1 19:50:37 UTC 2014
>> Either way works great. Both ways have their benefits, pains and
>> pitfalls.
>
> I guess HAST on top of GELI means both systems share the crypto load, whereas GELI on top of HAST means one box ends up doing the crypto work for both 'sides' of the HAST devices... [if I've got that the right way round] - so HAST on GELI is probably the better way to go.
They don't share the work because at that point there has become twice the work to be done.
>> It depends on your use case, configuration, hardware,
>> adversaries, etc. Like most security solutions, the devil, and
>> weaknesses, lie in the details, like network engineering and key
>> management. Care to elaborate for us?
>
> There's not a lot to elaborate - I want more redundancy for a home system with the added benefit if someone happens to steal either box - I don't want them getting 'easy access' to family photos, emails info etc.
GELI atop HAST is going to leave the slave with less work to do, avoid the requirement for the key to be in the slave until failover time and give you less to worry about regarding securing the network between them. You just need to make sure you have that key ready when the slave is needed and that it's a current key (if you ever rekey).
A side note, for your use you might consider ZFS snap/send/receive (or rsync on UFS) in lieu of HAST. Mirrors really shouldn't be considered as backups because a virus or human mistake would blow away both copies simultaneously.
One must be careful to not confuse availability with redundancy, though they do overlap a lot. HAST may give you the benefits you're looking for with less ongoing procedure, as a true backup system/procedure generally takes more ongoing involvement than mirroring something.
>> In other cases software based full disk encryption is really only going
>> to thwart or inconvenience the weakest of adversaries,
>
> Hehe - if that means the person who breaks in and steals it just scraps it rather than gets to go through all the data - that's fine by me :) But point kinda taken :-)
>
> -Karl
Yeah the 80/20 rule is more like the 98/2 rule when it comes to the common thief. :)
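
Added example, not part of the original message: a sketch of the "GELI atop HAST" layering discussed above, showing that the standby node runs no geli command and holds no key until failover. The resource name "shared", the key file /root/shared.key and the mount point /data are assumptions, as is an /etc/hast.conf on both nodes that already defines the resource; set DRY_RUN=1 to print the commands instead of running them.

```shell
#!/bin/sh
# Added example: GELI layered on top of a HAST resource (FreeBSD).
# Assumed names: resource "shared", key file /root/shared.key, mount /data.
RES=shared
KEY=/root/shared.key
MNT=/data

# Print the command when DRY_RUN=1, otherwise execute it.
run() {
    if [ "${DRY_RUN:-0}" = 1 ]; then echo "$*"; else "$@"; fi
}

# Both nodes: initialise HAST metadata and start hastd.
hast_common() {
    run hastctl create "$RES"
    run service hastd onestart
}

# Primary, first-time setup: encryption sits above /dev/hast/$RES, so
# only ciphertext reaches the local disk and the link to the peer.
primary_setup() {
    hast_common
    run hastctl role primary "$RES"
    run geli init -s 4096 -K "$KEY" "/dev/hast/$RES"
    run geli attach -k "$KEY" "/dev/hast/$RES"
    run newfs -U "/dev/hast/$RES.eli"
    run mount "/dev/hast/$RES.eli" "$MNT"
}

# Secondary while standing by: no geli command and no key on this box.
secondary_standby() {
    hast_common
    run hastctl role secondary "$RES"
}

# Secondary at failover: the (current) key is needed only now.
secondary_failover() {
    run hastctl role primary "$RES"
    run geli attach -k "$KEY" "/dev/hast/$RES"
    run fsck -t ufs -p "/dev/hast/$RES.eli"
    run mount "/dev/hast/$RES.eli" "$MNT"
}

# Run one step by name, e.g. "sh geli-on-hast.sh secondary_failover".
case "${1:-}" in
    primary_setup|secondary_standby|secondary_failover) "$1" ;;
esac
```

With the layers reversed (HAST on top of GELI), each node would need its own geli attach, and therefore its key, before hastd could use the provider at all.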
More information about the freebsd-geom mailing list