Zfs encryption property for freebsd 8.3
Alan Somers
asomers at freebsd.org
Tue Sep 3 14:53:34 UTC 2013
On Tue, Sep 3, 2013 at 6:22 AM, Florent Peterschmitt
<florent at peterschmitt.fr> wrote:
> Le 03/09/2013 14:14, Emre Çamalan a écrit :
>> Hi,
>> I want to encrypt some disk on my server with Zfs encryption property but it is not available.
>
> "That would require ZFS v30. As far as I am aware Oracle has not
> released the code under CDDL."
Oracle's ZFS encryption is crap anyway. It works at the filesystem
level, not the pool level, so a lot of metadata is in plaintext; I
don't remember how much exactly. It's also highly vulnerable to
watermarking attacks.
>
> From http://forums.freebsd.org/showthread.php?t=30036
>
> So you can use ZFS pools on GELI volumes, it can be a good start. I not
> play with it.
GELI is full-disk encryption. It's far superior to ZFS encryption.
>
> --
> Florent Peterschmitt | Please:
> florent at peterschmitt.fr | * Avoid HTML/RTF in E-mail.
> +33 (0)6 64 33 97 92 | * Send PDF for documents.
> http://florent.peterschmitt.fr | * Trim your quotations. Really.
> Proudly powered by Open Source | Thank you :)
>
More information about the freebsd-hackers
mailing list