Date: Sat, 10 Jan 2015 07:38:05 +0800 From: Ben Woods <woodsb02@gmail.com> To: Patryk Hanckowiak <patryk.hanckowiak@e-safeguard.pl> Cc: "freebsd-questions@freebsd.org" <freebsd-questions@freebsd.org> Subject: Re: custom full disk encryption with ZFS Message-ID: <CAOc73CAoX6zJ1VgVeEfsw7HNBE1fvhKL-aDN3OUBCdgU1t0b5Q@mail.gmail.com> In-Reply-To: <54AFE53C.5050508@e-safeguard.pl> References: <54AFE53C.5050508@e-safeguard.pl>
next in thread | previous in thread | raw e-mail | index | archive | help
> Is there a resource that shows how to create a custom full disk encryption > with ZFS, something similar to LVM on LUKS in Linux? > I use geli(8), which is documented here (scroll down past the alternative gdbe option unless that interests you): https://www.freebsd.org/doc/handbook/disks-encrypting.html As per the previous response, you will need to keep /boot unencrypted to allow freebsd to boot, but the rest of the disk can be encrypted with geli, and zfs running on top of geli. I actually use it slightly differently. Since I don't care about encrypting my operating system files, i keep my data storage on a separate partition or disk, which is encrypted with geli with zfs on top. -- -- From: Benjamin Woods woodsb02@gmail.com
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?CAOc73CAoX6zJ1VgVeEfsw7HNBE1fvhKL-aDN3OUBCdgU1t0b5Q>