I'am running FreeBSD on my 2 servers with encryption and works like a charm. But i would like to go one step further! Is it possible to encrypt and compress a drive? Like Geli does, typin password at boot-up?

Or is it already possible and i just don't know the name? :stud

http://www.freebsd.org/cgi/man.cgi?query=geom_uzip&sektion=4
could this be useful to you?
you can put this on top of geom_eli, but it's read-only solution

haven't tried though

It is possible with ZFS compression and geli.

It is possible with ZFS compression and geli.

Sounds interesting, could you tell me where i can find more? In Google i find alot of forum topics without a real answer.

Or is it possible to give a password to ZFS, thats fine for me too.

Sounds interesting, could you tell me where i can find more? In Google i find alot of forum topics without a real answer.

Or is it possible to give a password to ZFS, thats fine for me too.

[i haven't tried but this should work]
make encrypted disk/slice/laber with geom_eli and on top of that (when it's attached) put zfs....

you can use keys and/or password to encrypt drive. Also you can make it ask for password and/or key at boot

I am curious about the result, maybe it will degrade the system performance.

I am curious about the result, maybe it will degrade the system performance.

using encryption will always degrade performance a bit.
But it all depends on hardware, and algorithms used

I was surprised that my 500 MHz GEODE CPU on an Alix Board was only at 44% CPU utilization when I copied some GB to a geli encrypted drive, so the performance drop is not sooo much.

Good news, before this I think the hard_disk encryption will consume many resource.
Now I know that for modern computer it is acceptable. :)

Good news, before this I think the hard_disk encryption will consume many resource.
Now I know that for modern computer it is acceptable. :)

I use full HDD encryption on my 4-5year old PC.
Didn't noticed any difference in performance

I too use Geli encryption (24 character password) on my pentium III 500 MHZ, on a 2GB RAID Drive. :-) And sometimes i get a 74% CPU peak but thats it. So Its time to drive it further! What amazes me further that i never expierenced any errors. In windows i'am scared about these things....!!!

I found the following manual:
http://www.ish.com.au/solutions/articles/freebsdzfs

When i add another GB i will try this on my backup server and if it works out i will add it to my primairy server.

The compression will compound the issue. You may notice that encryption does not eat up your entire cpu because you may be running into an i/o or bandwidth limitation on the disks. If you encrypt a ramdisk, every access will peg the cpu because there will be no disk bottleneck..

Compression is going to add another layer of cpu usage, but it will also use less disk bandwidth (because the files are smaller on disk) which will cause you to use more cpu for encryption(again, no disk bottleneck). You will trade a disk bottleneck for a cpu bottleneck.

lzof compression on zfs can use 100% of ANY cpu that you throw at it if you have enough bandwidth. I have an opensolaris, 10 disk zfs raidz2 array and lzof compression can peg 1 core of my 3ghz core2 quad (single thread) and a lot of disk access to compressed files can peg all 4 cores. This is a good thing, id rather peg the cpu and get the operation completed! The downside is that if you are trying to use the cpu for something else then performance will suffer.

is storage space so important on this system? I dont know your system specs but this would be a bad idea on a p3 500mhz or less system, like the geod alix system in a previous post. Your cpu will spend all of it's time reading and writing to the disk and no time doing any real work.

In that case, i will not use it together. Thanx!