Date: Wed, 01 Jun 2016 12:57:56 -0500 From: Brandon J. Wandersee <brandon.wandersee@gmail.com> To: Bernt Hansson <bah@bananmonarki.se> Cc: "freebsd-questions\@freebsd.org" <freebsd-questions@freebsd.org> Subject: Re: Striped mirror raid10 Message-ID: <86lh2okd0b.fsf@WorkBox.Home> In-Reply-To: <d1d66292-c6be-a26c-4d0b-809fa96e1792@bananmonarki.se> References: <d1d66292-c6be-a26c-4d0b-809fa96e1792@bananmonarki.se>
next in thread | previous in thread | raw e-mail | index | archive | help
Bernt Hansson writes: > Hello list! > > I have set up a striped mirror; > > root@testbox:~ # gmirror status > Name Status Components > mirror/gmirror0 COMPLETE ada0 (ACTIVE) > ada1 (ACTIVE) > mirror/gmirror1 COMPLETE ada2 (ACTIVE) > ada3 (ACTIVE) > root@testbox:~ # gstripe status > Name Status Components > stripe/stripe0 UP mirror/gmirror0 > mirror/gmirror1 > > /dev/stripe/stripe0 1.8T 4.0K 1.8T 0% /raid10 > > Now I want to encrypt it, but is that wise? I mean you can remove a > disk from the mirror, won't that break the encryption? And the > mirror/stripe. Encrypt the disks/partitions themselves, not the stripe or mirror. You can then create mirrors of the resulting *.eli device nodes, then create a stripe from the mirrors. You can unlock the disks/partitions at boot thus: 1) First, run `geli configure -b <disk/partition>` on each encrypted disk/partition, so you will be prompted for the passphrase for each encrypted partition during boot. 2) Next, add the line 'geom_eli_passphrase_prompt=YES' to the file /boot/loader.conf. This will add a passphrase prompt the boot menu, allowing you to enter the passphrase for the disks one time only, before the boot process begins. -- :: Brandon J. Wandersee :: brandon.wandersee@gmail.com :: -------------------------------------------------- :: 'The best design is as little design as possible.' :: --- Dieter Rams ----------------------------------
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?86lh2okd0b.fsf>