From owner-freebsd-geom@FreeBSD.ORG  Mon Dec 30 22:58:54 2013
Return-Path: <owner-freebsd-geom@FreeBSD.ORG>
Delivered-To: freebsd-geom@freebsd.org
Received: from mx1.freebsd.org (mx1.freebsd.org
 [IPv6:2001:1900:2254:206a::19:1])
 (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits))
 (No client certificate requested)
 by hub.freebsd.org (Postfix) with ESMTPS id 9381912E
 for <freebsd-geom@freebsd.org>; Mon, 30 Dec 2013 22:58:54 +0000 (UTC)
Received: from mail.tdx.com (mail.tdx.com [62.13.128.18])
 by mx1.freebsd.org (Postfix) with ESMTP id 1CC3A18C2
 for <freebsd-geom@freebsd.org>; Mon, 30 Dec 2013 22:58:53 +0000 (UTC)
Received: from study64.tdx.co.uk (study64.tdx.co.uk [62.13.130.231])
 (authenticated bits=0)
 by mail.tdx.com (8.14.3/8.14.3/) with ESMTP id rBUMwh9H066925
 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=NO)
 for <freebsd-geom@freebsd.org>; Mon, 30 Dec 2013 22:58:45 GMT
Date: Mon, 30 Dec 2013 22:58:43 +0000
From: Karl Pielorz <kpielorz_lst@tdx.co.uk>
To: freebsd-geom@freebsd.org
Subject: HAST + GELI?
Message-ID: <DEDAAAFBF4A1B918B9D76639@study64.tdx.co.uk>
X-Mailer: Mulberry/4.0.8 (Mac OS X)
MIME-Version: 1.0
Content-Type: text/plain; charset=us-ascii; format=flowed
Content-Transfer-Encoding: 7bit
Content-Disposition: inline
X-BeenThere: freebsd-geom@freebsd.org
X-Mailman-Version: 2.1.17
Precedence: list
List-Id: GEOM-specific discussions and implementations
 <freebsd-geom.freebsd.org>
List-Unsubscribe: <http://lists.freebsd.org/mailman/options/freebsd-geom>,
 <mailto:freebsd-geom-request@freebsd.org?subject=unsubscribe>
List-Archive: <http://lists.freebsd.org/pipermail/freebsd-geom/>
List-Post: <mailto:freebsd-geom@freebsd.org>
List-Help: <mailto:freebsd-geom-request@freebsd.org?subject=help>
List-Subscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-geom>,
 <mailto:freebsd-geom-request@freebsd.org?subject=subscribe>
X-List-Received-Date: Mon, 30 Dec 2013 22:58:54 -0000


Hi All,

As I don't currently have the requisite two boxes to try this... Is it 
likely / possible you can use HAST with GELI? - i.e. to have a highly 
available, but encrypted-on-disk device?

If so are you better of creating GELI devices (i.e. .eli) and running HAST 
on those, or creating HAST devices - and running GELI on those?

Thanks,

-Karl