1. I

    What kind of encryption do you recommend?

    I am new to BSD. What I'd like to do is mirroring two SSDs and encrypting everything that is possible. I mean the entire OS and even the swap partition (I guess BSD has one too). As far as I understand as long as the motherboard does not support booting with encrypted disks I have to keep the...
  2. Petr Fischer

    Solved How to mount FreeBSD 12 GELI encrypted ZFS root manually?

    Hello! I have FreeBSD 12 installation with GELI encrypted ZFS root partition (created automatically from the installer). But now, my HW died and I need to import and mount the root filesystem as external disk. How can I mount this GELI encrypted ZFS root partition manually please? Note: In the...
  3. rigoletto@

    ETSI releases cryptographic standards for secure access control

    ETSI releases cryptographic standards for secure access control.
  4. stratacast1

    ZFS ZFS encrypt existing dataset

    The other day I got a new backup HDD so I can rotate my external disks and take them offsite in case my house blows up. I enjoy disk encryption on these sorts of drives that will be stored safely and the data is inaccessible. However, after backing up my data I realized that I didn't employ ZFS...
  5. skowroniasty

    Other full disk encryption software

    Helo, I want encrypt external USB drive, at this moment I use dm-crypt (XFS filesystem), but I cannot read this drive under freeBSD. Do you know any software, which can encrypt drive and it will work on Linux and FreeBSD? At this moment i think about TrueCrypt,but maybe you know something better.
  6. nielsk

    Encrypting home on a system already in use

    I set up my FreeBSD-desktop nearly a year ago but with unencrypted disks (please don't ask…). Now I am in the need to encrypt at least the home directory of my user. What would be the best way to do that without reinstalling my system? I have two disks in one zpool-mirror taking up the whole...
  7. S

    Solved gbde for USB connected disk?

    I'm intending to encrypt a disk to be used for date backups via a USB connected external drive enclosure (Sabrent). gbde looks like the way to go but I don't see specific mention in the handbook about its use when mounting a disk after system boot. Anyone here have experience in this? thanks!
  8. A

    ZFS FreeBSD 11.1 geli keys from bsd-installer

    Hi, I'm new to FreeBSD and learning about geli encryption. I've setup a system using the FreeBSD 11.1 installer. The storage setup is 4x 6TB disks using zfs. Using the installer I chose a RAID 1+0 setup (using all four disks), with full-disk encryption. The installer created 2 zfs pools...
  9. sHagen

    uefi + geli + zfs: password twice?

    Hello, I have exactly the same problem, which is also described in this thread. However, the solution does not work for me. Before the beastie menu, the boot loader asks for the password. No matter what I enter there, the boot process continues. Later, when the root system is to be mounted...
  10. NapoleonWils0n

    Geli encrypted container with zfs, truecrypt replacement

    FreeBSD Geli encrypted container FreeBSD geli encrypted container with zfs, truecrypt replacement Code on Github Support for geli is available as a loadable kernel module. To configure the system to automatically load the module at boot time, add the following line to /boot/loader.conf...
  11. T

    ZFS Questions about encryption and backup

    I'm new to FreeBSD but I have experience with Linux distributions. I'm very happy with FreeBSD so far. I used the guided encryption zfs option also I have raidz with 4xHDD. The encryption key is on boot pool at /boot/encryption.key, right? I also have encrypt every HDD with geli use new key and...
  12. I

    Server (NFS,SMB,CUPS,DLNA...)

    Hello everybody, I have just registered here because I am planning a project where I think FreeBSD could be the ideal OS. I am currently running a dual boot system with Arch Linux and Windows 10. Both systems have FDE, Linux with LUKS (LVM) and Windows with Bitlocker, so data can not be easily...
  13. E

    Solved cannot import, "one or more devices is currently unavailable"... but all devices present and ONLINE

    I am an idiot. I have no backup. Nothing critically important, but 6 TB of personal data I would sorely like to recover. I solemnly swear to create real backups first, before anything else, if I can get this working again. I'm a newbie to FreeBSD. This new FreeBSD system is replacing an old...
  14. eduardo

    Video: problem configuring PEFS on a home directory

    Hi everyone, I'm having a problem configuring PEFS on a user's home folder. I made a video of me following along with a very nice tutorial on YouTube by bufo333. Despite following all of bufo333's steps, my computer is not mounting the user's directory upon reboot. The video I made shows me...
  15. M

    Startup hosting and sleeping well (encryption)

    I’ve never been in a server room from which I could not steal a random hard drive without getting caught, if I wanted. I have been in server hosting companies’ rooms in more than one countries. Should I find one that employs guards with machine guns, still there is a point from which it isn’t...
  16. sku1d

    Solved Question about disk encryption: Why the master key always gets stored on the encrypted disk?

    I have read a lot about gbde, geli and dm-crypt under linux, but a question remains: Why would iI store my master key on the disk? Seriously! Anybody could rip the metadata off the disk in no time and brute force the password in a cluster without even having additional encrypted sample data...
  17. P

    Cannot kldload pefs from compiled port

    Hello, I am trying to install sysutils/pefs-kmod on a FreeBSD 10.1 box: FreeBSD 10.1-RELEASE-p19 FreeBSD 10.1-RELEASE-p19 #0: Sat Aug 22 03:55:09 UTC 2015 root@amd64-builder.daemonology.net:/usr/obj/usr/src/sys/GENERIC amd64 with the following hardware: CPU: Intel(R) Atom(TM) CPU D525 @...
  18. aorchid

    Other geli and external firewire drive boot question

    Hello, I have multiple internal drives that are encrypted with geli via a password only. I am running 10.1 presently, and upon reboot I am asked for a password to decrypt the drives and continue the boot process. I do not have anything in /boot/loader.conf about them, other than instructing it...