Date: Sun, 21 Sep 2008 01:06:24 +0200 From: Fabian Keil <fk@fabiankeil.de> To: Steve Bertrand <steve@ibctech.ca> Cc: freebsd-stable@freebsd.org Subject: Re: GELI encrypted ZFS zpool Message-ID: <20080921010624.7c4e5143@fabiankeil.de> In-Reply-To: <48D40EE2.5090900@ibctech.ca> References: <48D40EE2.5090900@ibctech.ca>
next in thread | previous in thread | raw e-mail | index | archive | help
[-- Attachment #1 --] Steve Bertrand <steve@ibctech.ca> wrote: > I have an older storage box that I've upgraded to -stable. It currently > uses 7 SCSI disks mashed together with gstripe. > > I've recently replaced this box with a new one running a ZFS setup. I'm > now wanting to turn the old one into a storage device running ZFS, but I > want the entire pool encrypted with GELI. > > I know I can do this, but my requirements are as such: > > - use a key on external media to access the GELI encrypted disks > - not have to type in the passphrase for each physical disk > > ...is this possible? It should be possible if you use keyfiles without password for the vdevs and store those keyfiles on a geli encrypted slice that uses both a keyfile and a passphrase. Fabian [-- Attachment #2 --] -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.9 (FreeBSD) iEYEARECAAYFAkjVgfAACgkQSMVSH78upWMikgCeJ8PchOQdy6Uw4nU6ACGHDe3a 8lwAmgNE1dlHKRakf/mxMQiss3s/2Ysh =Km01 -----END PGP SIGNATURE-----
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20080921010624.7c4e5143>