Date: Sun, 21 Sep 2008 01:06:24 +0200 From: Fabian Keil <fk@fabiankeil.de> To: Steve Bertrand <steve@ibctech.ca> Cc: freebsd-stable@freebsd.org Subject: Re: GELI encrypted ZFS zpool Message-ID: <20080921010624.7c4e5143@fabiankeil.de> In-Reply-To: <48D40EE2.5090900@ibctech.ca> References: <48D40EE2.5090900@ibctech.ca>
next in thread | previous in thread | raw e-mail | index | archive | help
--Sig_/L56MD.v=oCuNqTXjsrO.cnU Content-Type: text/plain; charset=US-ASCII Content-Transfer-Encoding: quoted-printable Steve Bertrand <steve@ibctech.ca> wrote: > I have an older storage box that I've upgraded to -stable. It currently > uses 7 SCSI disks mashed together with gstripe. >=20 > I've recently replaced this box with a new one running a ZFS setup. I'm > now wanting to turn the old one into a storage device running ZFS, but I > want the entire pool encrypted with GELI. >=20 > I know I can do this, but my requirements are as such: >=20 > - use a key on external media to access the GELI encrypted disks > - not have to type in the passphrase for each physical disk >=20 > ...is this possible? It should be possible if you use keyfiles without password for the vdevs and store those keyfiles on a geli encrypted slice that uses both a keyfile and a passphrase. Fabian --Sig_/L56MD.v=oCuNqTXjsrO.cnU Content-Type: application/pgp-signature; name=signature.asc Content-Disposition: attachment; filename=signature.asc -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.9 (FreeBSD) iEYEARECAAYFAkjVgfAACgkQSMVSH78upWMikgCeJ8PchOQdy6Uw4nU6ACGHDe3a 8lwAmgNE1dlHKRakf/mxMQiss3s/2Ysh =Km01 -----END PGP SIGNATURE----- --Sig_/L56MD.v=oCuNqTXjsrO.cnU--
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20080921010624.7c4e5143>