Date: Thu, 27 Feb 2014 19:01:43 +0100 From: "Michael Ross" <gmx@ross.cx> To: Polytropon <freebsd@edvax.de>, "Erich Dollansky" <erichsfreebsdlist@alogt.com> Cc: FreeBSD Questions <freebsd-questions@freebsd.org> Subject: Re: Simple disk encryption for off-site backup Message-ID: <op.xbycc51xg7njmm@michael-think> In-Reply-To: <20140227233053.03e44b32@X220.alogt.com> References: <20140227045904.5ba67227.freebsd@edvax.de> <20140227233053.03e44b32@X220.alogt.com>
next in thread | previous in thread | raw e-mail | index | archive | help
On Thu, 27 Feb 2014 16:30:53 +0100, Erich Dollansky <erichsfreebsdlist@alogt.com> wrote: > Hi, > > On Thu, 27 Feb 2014 04:59:04 +0100 > Polytropon <freebsd@edvax.de> wrote: > >> I'm planning to add a new disk next month to my home setup. >> It should be an external USB disk for off-site (really!) >> backup. That's why I would like to see the content encrypted. >> I have no problem with entering a long passphrase when mounting >> the disk for backup or restore operations, and probably I would >> not feel safe enough by just using keys (stored somewhere). >> The file system will be UFS, so there is no need to worry that >> some other OS or "Windows" would not be able to read it. :-) >> >> My question is: What is the _easiest_ mechanism to initialize >> a disk for encrypted use? It should work with FreeBSD 9 and 10 >> in the first place. >> >> > I use geli. > > There is a huge problem in geli which is not documented. If you create > a container with FreeBSD 10, FreeBSD 9 will not be able access it. You > must use the oldest version of FreeBSD which is supposed to work with > the disk to create the encrypted container. This would be 9.x in your > case. > > Erich Theoretically you should be able to ``geli init -V <metadata-version>''. Never tried it though. There's a list of metadata versions at the end of the man page, with FreeBSD 10 still missing ( has v7 ). Regards, Michael > _______________________________________________ > freebsd-questions@freebsd.org mailing list > http://lists.freebsd.org/mailman/listinfo/freebsd-questions > To unsubscribe, send any mail to > "freebsd-questions-unsubscribe@freebsd.org"
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?op.xbycc51xg7njmm>