Brandon J. Wandersee brandon.wandersee at
Wed Jun 1 18:03:25 UTC 2016

Bernt Hansson writes:

> Hello list!
> I have set up a striped mirror;
> root@testbox:~ # gmirror status
>             Name    Status  Components
> mirror/gmirror0  COMPLETE  ada0 (ACTIVE)
>                             ada1 (ACTIVE)
> mirror/gmirror1  COMPLETE  ada2 (ACTIVE)
>                             ada3 (ACTIVE)
> root@testbox:~ # gstripe status
>            Name  Status  Components
> stripe/stripe0      UP  mirror/gmirror0
>                          mirror/gmirror1
> /dev/stripe/stripe0           1.8T    4.0K    1.8T     0% /raid10
> Now I want to encrypt it, but is that wise? I mean you can remove a
> disk from the mirror, won't that break the encryption? And the
> mirror/stripe.

Encrypt the disks/partitions themselves, not the stripe or mirror. You
can then create mirrors of the resulting *.eli device nodes, then create
a stripe from the mirrors. You can unlock the disks/partitions at boot

1) First, run `geli configure -b <disk/partition>` on each encrypted
   disk/partition, so you will be prompted for the passphrase for each
   encrypted partition during boot.
2) Next, add the line 'geom_eli_passphrase_prompt=YES' to the file
   /boot/loader.conf. This will add a passphrase prompt to the boot menu,
   allowing you to enter the passphrase for the disks one time only,
   before the boot process begins.
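
The layering described in this reply, as an added example that is not part of the original post: a dry-run planner that prints the geli, gmirror and gstripe commands in order, without executing them. The function names are hypothetical, the disk and label names are taken from the quoted status output, and the module-load lines in the loader.conf fragment are an assumption about a system that does not have GELI, gmirror and gstripe compiled into the kernel.

```shell
#!/bin/sh
# Dry run only: prints the commands for "encrypt the disks first, then mirror
# the .eli nodes, then stripe the mirrors". Nothing here touches a disk.
# Assumption: the disks carry no gmirror/gstripe metadata yet. The array in
# the quoted output would have to be backed up and torn down first, because
# geli init writes new metadata to each provider.

plan_encrypted_raid10() {
    # Needs an even number of disks (at least 4); consecutive pairs form mirrors.
    if [ $# -lt 4 ] || [ $(( $# % 2 )) -ne 0 ]; then
        echo "usage: plan_encrypted_raid10 disk0 disk1 disk2 disk3 [...]" >&2
        return 1
    fi

    # Layer 1: GELI on each raw disk. 'configure -b' is the step from the
    # reply that makes the provider get unlocked at boot.
    for d in "$@"; do
        echo "geli init /dev/${d}"
        echo "geli configure -b /dev/${d}"
        echo "geli attach /dev/${d}"
    done

    # Layer 2: mirrors built from the decrypted .eli device nodes.
    mirrors=""
    n=0
    while [ $# -gt 0 ]; do
        echo "gmirror label gmirror${n} ${1}.eli ${2}.eli"
        mirrors="${mirrors} mirror/gmirror${n}"
        n=$(( n + 1 ))
        shift 2
    done

    # Layer 3: one stripe across all mirrors.
    echo "gstripe label stripe0${mirrors}"
}

loader_conf_lines() {
    # Lines for /boot/loader.conf. The *_load lines are an assumption (modules
    # not built into the kernel); the prompt line is the one from the reply.
    printf '%s\n' 'geom_eli_load="YES"' 'geom_mirror_load="YES"' \
        'geom_stripe_load="YES"' 'geom_eli_passphrase_prompt="YES"'
}

# Disk names as shown in the quoted gmirror status output.
plan_encrypted_raid10 ada0 ada1 ada2 ada3
loader_conf_lines
```

With this ordering, a replacement disk is initialised with geli first and its .eli node is what gets inserted into the mirror, so every component is still ciphertext on the platter.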


