From owner-freebsd-geom@FreeBSD.ORG Mon May 9 13:46:18 2005 Return-Path: Delivered-To: freebsd-geom@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 7CB3616A4E8 for ; Mon, 9 May 2005 13:46:18 +0000 (GMT) Received: from biodiesel.gaiahost.coop (biodiesel.gaiahost.coop [64.95.78.120]) by mx1.FreeBSD.org (Postfix) with ESMTP id 18B5943D7E for ; Mon, 9 May 2005 13:46:18 +0000 (GMT) (envelope-from mark@gaiahost.coop) Received: from pooh.hubcapconsulting.com (host-216-153-147-194.spr.choiceone.net [::ffff:216.153.147.194]) (AUTH: PLAIN mark@hubcapconsulting.com) by biodiesel.gaiahost.coop with esmtp; Mon, 09 May 2005 08:46:11 -0400 id 0006C064.427F5B93.00004891 From: Mark Bucciarelli Organization: GAIA Host Collective To: freebsd-geom@freebsd.org Date: Mon, 9 May 2005 09:46:13 -0400 User-Agent: KMail/1.7.2 MIME-Version: 1.0 Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: 7bit Content-Disposition: inline Message-Id: <200505090946.13708.mark@gaiahost.coop> Subject: swap and gmirror X-BeenThere: freebsd-geom@freebsd.org X-Mailman-Version: 2.1.1 Precedence: list List-Id: GEOM-specific discussions and implementations List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Mon, 09 May 2005 13:46:18 -0000 I have two drives where the first slice is mirrored using gmirror. Last night I thought I was being very clever by creating a swap slice on each drive and not mirroring those. Better performance as swap is distributed across two disks and faster writes because swap is not mirrored. Also, I saw This morning, I started having second thoughts. Isn't there a chance that if a disk dies, some running process may lose the data it has swapped to disk. That, I imagine, would be a very bad thing. If so, is there any safe way to configure swap so it is not mirrored? Regards, Mark From owner-freebsd-geom@FreeBSD.ORG Tue May 10 11:09:57 2005 Return-Path: Delivered-To: freebsd-geom@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 90BDB16A4CE for ; Tue, 10 May 2005 11:09:57 +0000 (GMT) Received: from smtp3.hushmail.com (smtp3.hushmail.com [65.39.178.135]) by mx1.FreeBSD.org (Postfix) with ESMTP id 4642C43D6D for ; Tue, 10 May 2005 11:09:57 +0000 (GMT) (envelope-from mrhino@hushmail.com) Received: from smtp3.hushmail.com (localhost.hushmail.com [127.0.0.1]) by smtp3.hushmail.com (Postfix) with SMTP id 3F891A3536 for ; Tue, 10 May 2005 04:09:56 -0700 (PDT) Received: from mailserver5.hushmail.com (mailserver5.hushmail.com [65.39.178.19]) by smtp3.hushmail.com (Postfix) with ESMTP for ; Tue, 10 May 2005 04:09:55 -0700 (PDT) Received: by mailserver5.hushmail.com (Postfix, from userid 65534) id 8B1AF36AF1; Tue, 10 May 2005 04:09:55 -0700 (PDT) Date: Tue, 10 May 2005 04:09:51 -0700 To: Cc: From: Message-Id: <20050510110955.8B1AF36AF1@mailserver5.hushmail.com> Subject: GBDE container file backup question X-BeenThere: freebsd-geom@freebsd.org X-Mailman-Version: 2.1.1 Precedence: list List-Id: GEOM-specific discussions and implementations List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 10 May 2005 11:09:57 -0000 -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Hi, Apologies in advance if this isn't the right place to be asking this question: I've got a gbde partition based on an image file, private.img. I also have a lock file as per the instructions - /etc/gbde/md9 It's all working fine, but I want to be able to back it up somehow. If I back up private.img and /etc/gbde/md9, is that everything I need to do to be able to restore the encrypted partition? The lock file seems awfully small to be an encryption key (compared to the PGP keys I'm familiar with). What about the 'keys' mentioned in the handbook - I created 2 keys during the init, but I'm not sure where they are. Are they analagous to my PGP private keys, or what? Do I need to back them up somewhere? Do they have the same password? Any advice appreciated. Yours, Mark -----BEGIN PGP SIGNATURE----- Note: This signature can be verified at https://www.hushtools.com/verify Version: Hush 2.4 wkYEARECAAYFAkKAlnYACgkQy7ADd7v2HyaSngCaAkYwBsqH3/3DBrrf/lXQjlaN2qsA oIkbjdtl2BBFhRY6CKs5uO9phVq2 =m5yy -----END PGP SIGNATURE----- From owner-freebsd-geom@FreeBSD.ORG Tue May 10 13:19:46 2005 Return-Path: Delivered-To: freebsd-geom@hub.freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id DF86B16A4CE; Tue, 10 May 2005 13:19:46 +0000 (GMT) Received: from freefall.freebsd.org (freefall.freebsd.org [216.136.204.21]) by mx1.FreeBSD.org (Postfix) with ESMTP id B08AB43D55; Tue, 10 May 2005 13:19:46 +0000 (GMT) (envelope-from arved@FreeBSD.org) Received: from freefall.freebsd.org (arved@localhost [127.0.0.1]) by freefall.freebsd.org (8.13.3/8.13.3) with ESMTP id j4ADJk6L051448; Tue, 10 May 2005 13:19:46 GMT (envelope-from arved@freefall.freebsd.org) Received: (from arved@localhost) by freefall.freebsd.org (8.13.3/8.13.1/Submit) id j4ADJk43051444; Tue, 10 May 2005 13:19:46 GMT (envelope-from arved) Date: Tue, 10 May 2005 13:19:46 GMT From: Tilman Linneweh Message-Id: <200505101319.j4ADJk43051444@freefall.freebsd.org> To: arved@FreeBSD.org, freebsd-bugs@FreeBSD.org, freebsd-geom@FreeBSD.org Subject: Re: kern/79251: [2TB] newfs fails on 2.6TB gbde device X-BeenThere: freebsd-geom@freebsd.org X-Mailman-Version: 2.1.1 Precedence: list List-Id: GEOM-specific discussions and implementations List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 10 May 2005 13:19:47 -0000 Synopsis: [2TB] newfs fails on 2.6TB gbde device Responsible-Changed-From-To: freebsd-bugs->freebsd-geom Responsible-Changed-By: arved Responsible-Changed-When: Tue May 10 13:19:09 GMT 2005 Responsible-Changed-Why: over to GEOM mailinglist http://www.freebsd.org/cgi/query-pr.cgi?pr=79251 From owner-freebsd-geom@FreeBSD.ORG Tue May 10 19:29:52 2005 Return-Path: Delivered-To: freebsd-geom@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 5951A16A4CE for ; Tue, 10 May 2005 19:29:52 +0000 (GMT) Received: from afields.ca (afields.ca [216.194.67.132]) by mx1.FreeBSD.org (Postfix) with ESMTP id 11FBB43D78 for ; Tue, 10 May 2005 19:29:52 +0000 (GMT) (envelope-from afields@afields.ca) Received: from afields.ca (localhost.afields.ca [127.0.0.1]) by afields.ca (8.12.11/8.12.11) with ESMTP id j4AJTpmK010326; Tue, 10 May 2005 15:29:51 -0400 (EDT) (envelope-from afields@afields.ca) Received: (from afields@localhost) by afields.ca (8.12.11/8.12.11/Submit) id j4AJTpZK010325; Tue, 10 May 2005 15:29:51 -0400 (EDT) (envelope-from afields) Date: Tue, 10 May 2005 15:29:51 -0400 From: Allan Fields To: mrhino@hushmail.com Message-ID: <20050510192951.GA4358@afields.ca> References: <20050510110955.8B1AF36AF1@mailserver5.hushmail.com> Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline In-Reply-To: <20050510110955.8B1AF36AF1@mailserver5.hushmail.com> User-Agent: Mutt/1.4i cc: freebsd-geom@freebsd.org Subject: Re: GBDE container file backup question X-BeenThere: freebsd-geom@freebsd.org X-Mailman-Version: 2.1.1 Precedence: list List-Id: GEOM-specific discussions and implementations List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 10 May 2005 19:29:52 -0000 On Tue, May 10, 2005 at 04:09:51AM -0700, mrhino@hushmail.com wrote: > -----BEGIN PGP SIGNED MESSAGE----- > Hash: SHA1 > > Hi, > Apologies in advance if this isn't the right place to be asking > this question: > > I've got a gbde partition based on an image file, private.img. > I also have a lock file as per the instructions - /etc/gbde/md9 > > It's all working fine, but I want to be able to back it up somehow. > > If I back up private.img and /etc/gbde/md9, is that everything I Yes. (You can store the lock files separate from the encrypted volume for maximum security.) > need to do to be able to restore the encrypted partition? The lock > file seems awfully small to be an encryption key (compared to the > PGP keys I'm familiar with). It doesn't contain the encrypted keys or key material itself. It contains the encrypted location of the lock sectors and requires the pass phrase to obtain the master keys from the volume. > What about the 'keys' mentioned in the handbook - I created 2 keys > during the init, but I'm not sure where they are. Are they > analagous to my PGP private keys, or what? Do I need to back them > up somewhere? Do they have the same password? No, the key scheme is not a public key system. The pass phrase material is used symmetrically (same key to encrypte/decrypt), as AES is a symmetric cipher. Implementation of public keys is something to look forward to in the future. Some vnode-level solutions are integrating diverse key schemes. > Any advice appreciated. You might wish to read the very instructive paper by phk, found: http://phk.freebsd.dk/pubs/ > Yours, > Mark > -----BEGIN PGP SIGNATURE----- > Note: This signature can be verified at https://www.hushtools.com/verify > Version: Hush 2.4 > > wkYEARECAAYFAkKAlnYACgkQy7ADd7v2HyaSngCaAkYwBsqH3/3DBrrf/lXQjlaN2qsA > oIkbjdtl2BBFhRY6CKs5uO9phVq2 > =m5yy > -----END PGP SIGNATURE----- -- Allan Fields From owner-freebsd-geom@FreeBSD.ORG Tue May 10 21:16:12 2005 Return-Path: Delivered-To: freebsd-geom@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 6154416A4CE for ; Tue, 10 May 2005 21:16:12 +0000 (GMT) Received: from smtp3.hushmail.com (smtp3.hushmail.com [65.39.178.135]) by mx1.FreeBSD.org (Postfix) with ESMTP id 0F13A43D9E for ; Tue, 10 May 2005 21:16:12 +0000 (GMT) (envelope-from mrhino@hushmail.com) Received: from smtp3.hushmail.com (localhost.hushmail.com [127.0.0.1]) by smtp3.hushmail.com (Postfix) with SMTP id DE3CEA33EA for ; Tue, 10 May 2005 14:16:09 -0700 (PDT) Received: from mailserver5.hushmail.com (mailserver5.hushmail.com [65.39.178.19]) by smtp3.hushmail.com (Postfix) with ESMTP for ; Tue, 10 May 2005 14:16:09 -0700 (PDT) Received: by mailserver5.hushmail.com (Postfix, from userid 65534) id 7FB3337B4D; Tue, 10 May 2005 14:16:09 -0700 (PDT) Date: Tue, 10 May 2005 14:16:03 -0700 To: Cc: From: Message-Id: <20050510211609.7FB3337B4D@mailserver5.hushmail.com> Subject: Re: GBDE container file backup question X-BeenThere: freebsd-geom@freebsd.org X-Mailman-Version: 2.1.1 Precedence: list List-Id: GEOM-specific discussions and implementations List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 10 May 2005 21:16:12 -0000 -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Thanks for that; much appreciated. I had read that paper, several times, but hadn't quite understood that the lock file simply pointed to the lock sectors on the device. Thanks again, Mark On Tue, May 10, 2005 at 04:09:51AM -0700, mrhino@hushmail.com wrote: > -----BEGIN PGP SIGNED MESSAGE----- > Hash: SHA1 > > Hi, > Apologies in advance if this isn't the right place to be asking > this question: > > I've got a gbde partition based on an image file, private.img. > I also have a lock file as per the instructions - /etc/gbde/md9 > > It's all working fine, but I want to be able to back it up somehow. > > If I back up private.img and /etc/gbde/md9, is that everything I Yes. (You can store the lock files separate from the encrypted volume for maximum security.) > need to do to be able to restore the encrypted partition? The lock > file seems awfully small to be an encryption key (compared to the > PGP keys I'm familiar with). It doesn't contain the encrypted keys or key material itself. It contains the encrypted location of the lock sectors and requires the pass phrase to obtain the master keys from the volume. > What about the 'keys' mentioned in the handbook - I created 2 keys > during the init, but I'm not sure where they are. Are they > analagous to my PGP private keys, or what? Do I need to back them > up somewhere? Do they have the same password? No, the key scheme is not a public key system. The pass phrase material is used symmetrically (same key to encrypte/decrypt), as AES is a symmetric cipher. Implementation of public keys is something to look forward to in the future. Some vnode-level solutions are integrating diverse key schemes. > Any advice appreciated. You might wish to read the very instructive paper by phk, found: http://phk.freebsd.dk/pubs/ > Yours, > Mark > -----BEGIN PGP SIGNATURE----- > Note: This signature can be verified at https://www.hushtools.com/verify > Version: Hush 2.4 > > wkYEARECAAYFAkKAlnYACgkQy7ADd7v2HyaSngCaAkYwBsqH3/3DBrrf/lXQjlaN2qsA > oIkbjdtl2BBFhRY6CKs5uO9phVq2 > =m5yy > -----END PGP SIGNATURE----- - -- Allan Fields _______________________________________________ freebsd-geom@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-geom To unsubscribe, send any mail to "freebsd-geom- unsubscribe@freebsd.org" -----BEGIN PGP SIGNATURE----- Note: This signature can be verified at https://www.hushtools.com/verify Version: Hush 2.4 wkYEARECAAYFAkKBJIcACgkQy7ADd7v2HyZvDACfY5VsU4s9kdFMyx/YNVGOigK73hIA n0QGSh2ySvqldeCVyuuC1F/E81h4 =fdpq -----END PGP SIGNATURE-----