[Discuss] More Fun in ZFSland

Richard Pieri richard.pieri at gmail.com
Wed May 16 19:59:55 EDT 2012


On May 16, 2012, at 5:41 PM, Mark Woodward wrote:
> 
> If you want to solve a problem, what is the specific problem? and is there a solution that is less of the hoop jumping through kind? Usually when I start 

What hoop-jumping?  Encrypting block devices is the typical method of implementing OTFE on Linux.  In the old days we used the losetup utility to created encrypted block devices.  Today we use device mapper's cryptsetup utility.  I'd have used the same general procedures if I were using dm-raid instead of ZFS.

The problem to solve is that once I decided to encrypt my gaming rig's disks in case a thief breaks in and steals it, I was foolish not to have it's backups encrypted as well.  These backups are on the HP N40L previously discussed.  I'm happy with ZFS and I want to continue using it as the LVM and file system.  ZFS encrypted datasets isn't available in ZFS on Linux or FreeBSD yet which left me with the choice of using encrypted containers on ZFS or encrypted block devices underneath ZFS.

I chose encrypted block devices.  Once I made the decision to encrypt at all it was a simple jump to encrypt everything.  It was a little more work for the initial setup than creating encrypted containers but it will be less work down the line to maintain it.

--Rich P.




More information about the Discuss mailing list