GELI encrypted ZFS zpool
Fabian Keil
fk at fabiankeil.de
Sat Sep 20 23:17:17 UTC 2008
Steve Bertrand <steve at ibctech.ca> wrote:
> I have an older storage box that I've upgraded to -stable. It currently
> uses 7 SCSI disks mashed together with gstripe.
>
> I've recently replaced this box with a new one running a ZFS setup. I'm
> now wanting to turn the old one into a storage device running ZFS, but I
> want the entire pool encrypted with GELI.
>
> I know I can do this, but my requirements are as such:
>
> - use a key on external media to access the GELI encrypted disks
> - not have to type in the passphrase for each physical disk
>
> ...is this possible?
It should be possible if you use keyfiles without password
for the vdevs and store those keyfiles on a geli encrypted
slice that uses both a keyfile and a passphrase.
Fabian
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 195 bytes
Desc: not available
Url : http://lists.freebsd.org/pipermail/freebsd-stable/attachments/20080920/a7af919c/signature.pgp
More information about the freebsd-stable
mailing list