Date: Thu, 16 Sep 2010 15:22:27 -0400 From: "Andriy Bakay" <andriy@irbisnet.com> To: "freebsd-fs@freebsd.org" <freebsd-fs@freebsd.org> Subject: ZFS + GELI data integrity Message-ID: <op.vi433pxp6f601j@prime.irbisnet.com>
next in thread | raw e-mail | index | archive | help
Hi list(s), I am using ZFS on top of GELI. Does exists any practical reason to enable GELI data authentication (data integrity) underneath of ZFS? I understand GELI data integrity is cryptographically strong -- up to HMAC/SHA512, but ZFS has SHA256 checksum. GELI linked data to sector and will detect if somebody move data around, but my understanding is to move data around consistently one need to decrypt it which is very difficult. Correct me if I wrong. Any thoughts? Thanks, Andriy
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?op.vi433pxp6f601j>