freebsd encrypted hard disk?
Roland Smith
rsmith at xs4all.nl
Wed Jan 14 15:20:57 PST 2009
On Wed, Jan 14, 2009 at 10:55:38PM +0000, RW wrote:
> On Wed, 14 Jan 2009 18:59:54 +0100
> Roland Smith <rsmith at xs4all.nl> wrote:
>
> > Geli is
> > convenient and seems to work well. On modern machines the performance
> > penalty is slight. It supports well-regarded encryption algorithms
> > like AES and Blowfish.
>
> It depends on what you mean by modern, and slight, on my single-core
> amd64 2.8G the performance penalty of geli is substantial.
True for a single-core machine.
> Not just in reduced transfer rates, but also in terms of CPU cycles
> used - a sustained geli to geli file copy makes things really slow for
> me.
That's probably because two geli kernel threads are competing for time
on a single core. I've had problems with that as well (geli-encrypted
USB drive stalling).
Since I've switched to a multi-core machine (where the number of cores
should be at least equal to the number of geli-encrypted devices), CPU
load for gele has dropped to barely noticable.
Looking at the machines on sale at local computer stores only the
absolute rock-bottom spec-ed machines are single core these days.
Roland
--
R.F.Smith http://www.xs4all.nl/~rsmith/
[plain text _non-HTML_ PGP/GnuPG encrypted/signed email much appreciated]
pgp: 1A2B 477F 9970 BA3C 2914 B7CE 1277 EFB0 C321 A725 (KeyID: C321A725)
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 195 bytes
Desc: not available
Url : http://lists.freebsd.org/pipermail/freebsd-questions/attachments/20090114/89604ef7/attachment.pgp
More information about the freebsd-questions
mailing list