Date: Mon, 26 Apr 2021 17:04:35 -0400 From: mike tancsa <mike@sentex.net> To: Peter Libassi <peter@libassi.se> Cc: FreeBSD-STABLE Mailing List <freebsd-stable@freebsd.org> Subject: Re: zfs native encryption best practices on RELENG13 Message-ID: <c3b59fb0-21d1-625f-865d-307b374d0dbf@sentex.net> In-Reply-To: <4CFAA2E3-F8B0-41F3-BA2D-4802FC138E8C@libassi.se> References: <e79a8278-0fd8-532f-2a72-87d43cf27e7a@sentex.net> <56a4a35f-b4d7-661a-f59b-8cd399784e6e@delphij.net> <4CFAA2E3-F8B0-41F3-BA2D-4802FC138E8C@libassi.se>
next in thread | previous in thread | raw e-mail | index | archive | help
On 4/23/2021 11:47 PM, Peter Libassi wrote: > Yes, I’ve come to the same conclusion. This should be used on a > data-zpool and not on the system-pool (zroot). Encryption is per > dataset. Also if found that if the encrypted dataset is not mounted of > some reason you will be writing to the parent unencrypted dataset.. At > least it works for encrypted thumb_drive, i just posted this quick > guide https://forums.freebsd.org/threads/freebsd-13-openzfs-encrypted-thumb-drive.80008/ > <https://forums.freebsd.org/threads/freebsd-13-openzfs-encrypted-thumb-drive.80008/>; > > > Thanks, good points to consider! I wonder too if there are any performance differences ---Mike
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?c3b59fb0-21d1-625f-865d-307b374d0dbf>