Date: Thu, 1 Jul 2010 17:57:27 -0500 From: Adam Vande More <amvandemore@gmail.com> To: Tim Gustafson <tjg@soe.ucsc.edu> Cc: freebsd-questions@freebsd.org Subject: Re: fusefs-cryptofs vs fusefs-cryptofs Message-ID: <AANLkTinlTTDL7laA5ALE4AI9LbyhWiaD4gz7G1bRT1Ai@mail.gmail.com> In-Reply-To: <1256109284.365181278000846989.JavaMail.root@mail-01.cse.ucsc.edu> References: <AANLkTinCarI4JRkDnw8PCHcOn3VpA_wP6303a7oSEU33@mail.gmail.com> <1256109284.365181278000846989.JavaMail.root@mail-01.cse.ucsc.edu>
next in thread | previous in thread | raw e-mail | index | archive | help
On Thu, Jul 1, 2010 at 11:14 AM, Tim Gustafson <tjg@soe.ucsc.edu> wrote: > > I use file backed GELI fs in this manner. Of course you > > can script it yourself, but I find the ez-jail handles my > > requirements perfectly. > > Thanks, I'll look into using GELI. I think if I do that, I'll have to > mount the file system in the host environment at boot time so that it can > prompt for the pass phrase properly, as there really isn't much of a > "console" for each jailed environment. The ezjail script includes the prompt for password when starting a jail. It prompts from the host console. My backup setup is also a file backed GELI fs mounted over sshfs. That's a manual config outside of ezjail One other thing to note is that performance isn't jaw dropping to say the least, but my setup is VM based and io speed isn't a large concern for me. Your performance results could easily be better than mine. -- Adam Vande More
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?AANLkTinlTTDL7laA5ALE4AI9LbyhWiaD4gz7G1bRT1Ai>