Hi everyone, I have an older storage box that I've upgraded to -stable. It currently uses 7 SCSI disks mashed together with gstripe. I've recently replaced this box with a new one running a ZFS setup. I'm now wanting to turn the old one into a storage device running ZFS, but I want the entire pool encrypted with GELI. I know I can do this, but my requirements are as such: - use a key on external media to access the GELI encrypted disks - not have to type in the passphrase for each physical disk ...is this possible? Here is a reference to what I am after: (Google Groups): http://tinyurl.com/4xrysl Thanks for any consideration, Steve
Steve Bertrand <steve@ibctech.ca> wrote:> I have an older storage box that I've upgraded to -stable. It currently > uses 7 SCSI disks mashed together with gstripe. > > I've recently replaced this box with a new one running a ZFS setup. I'm > now wanting to turn the old one into a storage device running ZFS, but I > want the entire pool encrypted with GELI. > > I know I can do this, but my requirements are as such: > > - use a key on external media to access the GELI encrypted disks > - not have to type in the passphrase for each physical disk > > ...is this possible?It should be possible if you use keyfiles without password for the vdevs and store those keyfiles on a geli encrypted slice that uses both a keyfile and a passphrase. Fabian -------------- next part -------------- A non-text attachment was scrubbed... Name: signature.asc Type: application/pgp-signature Size: 195 bytes Desc: not available Url : http://lists.freebsd.org/pipermail/freebsd-stable/attachments/20080920/a7af919c/signature.pgp