Date: Tue, 3 Sep 2013 08:53:32 -0600 From: Alan Somers <asomers@freebsd.org> To: Florent Peterschmitt <florent@peterschmitt.fr> Cc: freebsd-hackers@freebsd.org Subject: Re: Zfs encryption property for freebsd 8.3 Message-ID: <CAOtMX2hdbY52Wh=B=ByrX7BM%2B-hHNnbtKG9S_uMBCLT5pEE-gw@mail.gmail.com> In-Reply-To: <5225D49B.2080807@peterschmitt.fr> References: <226721378210462@web15j.yandex.ru> <5225D49B.2080807@peterschmitt.fr>
next in thread | previous in thread | raw e-mail | index | archive | help
On Tue, Sep 3, 2013 at 6:22 AM, Florent Peterschmitt <florent@peterschmitt.fr> wrote: > Le 03/09/2013 14:14, Emre =C7amalan a =E9crit : >> Hi, >> I want to encrypt some disk on my server with Zfs encryption property bu= t it is not available. > > "That would require ZFS v30. As far as I am aware Oracle has not > released the code under CDDL." Oracle's ZFS encryption is crap anyway. It works at the filesystem level, not the pool level, so a lot of metadata is in plaintext; I don't remember how much exactly. It's also highly vulnerable to watermarking attacks. > > From http://forums.freebsd.org/showthread.php?t=3D30036 > > So you can use ZFS pools on GELI volumes, it can be a good start. I not > play with it. GELI is full-disk encryption. It's far superior to ZFS encryption. > > -- > Florent Peterschmitt | Please: > florent@peterschmitt.fr | * Avoid HTML/RTF in E-mail. > +33 (0)6 64 33 97 92 | * Send PDF for documents. > http://florent.peterschmitt.fr | * Trim your quotations. Really. > Proudly powered by Open Source | Thank you :) >
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?CAOtMX2hdbY52Wh=B=ByrX7BM%2B-hHNnbtKG9S_uMBCLT5pEE-gw>