Date: Wed, 27 May 2009 13:49:22 +0200 From: Ivan Voras <ivoras@freebsd.org> To: freebsd-geom@freebsd.org Subject: Re: Questions on GELI encryption Message-ID: <gvj9bo$9r4$2@ger.gmane.org> In-Reply-To: <cf9b1ee00905270445k179b9354sa44acee91507cfb8@mail.gmail.com>
index | next in thread | previous in thread | raw e-mail
[-- Attachment #1 --] Dan Naumov wrote: > Hello (World) again :) > > Sorry for creating another discussion thread so fast, but I figured > that since the new questions I have do not fall under the scope of > "CPU horsepower requirements for GELI", I thought they deserved a new > one: > > 1) I am reading the Handbook section on GELI ( > http://www.freebsd.org/doc/en/books/handbook/disks-encrypting.html ) > and I am a bit confused. The example > > a) creates a keyfile > b) initializes a provider with the keyfile > c) attaches the provider > d) creates a new filesystem directly on the provider and > e) mounts it > > Now, I am probably missing something very obvious, but are "slices" no > longer a requirement for creating and using an UFS filesystem in > FreeBSD? No, and have not been since introduction of GEOM a long-ish time ago. > 2) The example in the Handbook encrypts the entire drive. If my system > is going to use 1 big drive, I want /home and /data encrypted, while > the rest of the system can stay non-encrypted, how should I go about > doing this? Should I create a single big slice with 1 big root > partition and 2 separated partitions for /home and /data and the > initialise GELI on these specific partitions? Yes. > Can basically anything > be used a a "provider" for GELI? A disk drive, a slice, a partition > inside a slice, a file? Yes, again because of GEOM, not specific to GELI. [-- Attachment #2 --] -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.9 (GNU/Linux) Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org iEYEARECAAYFAkodKMIACgkQldnAQVacBchpewCglvxSSOdTCr8ScNJMviJ5+8o/ wfwAoIoxTlVBTUB75rnl3hEfFOy+zs4T =++Mb -----END PGP SIGNATURE-----home | help
Want to link to this message? Use this
URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?gvj9bo$9r4$2>