geli encryption

  1. J

    How to manage encryption keys with geli and ZFS?

    Since this is not a hard technical question it was placed in off-topic. Please let me know if I should move it. When using geli encryption on larger ZFS machines, it would seem practical to have all of the disks share the same master key so that the administrator would not have to enter a...
  2. brian

    Solved Encrypted ZFS pool stuck offline

    I have 4 disks in a RAIDZ with geli encryption. I'm currently running FreeNAS 11.2. I'm posting here because their forum doesn't have a great reputation. One of them has been having issues so I decided to pull it and run a quick test to verify things. without thinking I decided to offline the...
  3. M

    Solved Disable geli auto-attach at boot

    I encrypted a partition with geli using the directions in the FreeBSD handbook. Currently, I am asked for a password at boot, and I can use the encrypted partition, which is not mounted as root. Is it possible for me to disable this automatic geli attach so that I can do it manually after boot...
  4. M

    ZFS What's the difference between gbde and geli?

    I want to setup full-disk encryption on ZFS. Which method is better for doing that - gdbe or geli? Which encryption tool is better for encrypting swap and which is better for encrypting single partitions? Which tool has better compatibility with Linux - gdbe or geli? Which tool provides better...
  5. W

    ZFS 1 volume 2 encryption keys

    I have been using freenas 11.1 and I posted on the freenas forums the following I had a RaidZ volume with 4 drives and after detaching the volume I am not able to import the volume. I am getting and error (the following disks failed to attach). I did some looking and I found out that I have 2...
  6. A

    Can't read old UFS1 superblock using GELI (Blowfish-CBC)

    Hello there, just started to explore encryption in FreeBSD and got some questions. Trying to add encrypted partition on FreeBSD10.3 GELI/Blowfish-CBC. AES on / and /swap works fine, but I can't add an additional encrypted partition using Blowfish. Here is the way I did it: # mount -o exec...
  7. A

    Geli with asynchronous chained crypto operations

    Hello, I am writing a driver for PCI crypto card. The driver supports both synch and asynch mode. Problem is when offloading auth+cipher(chained) operations to hardware with geli when driver is in asynch mode. Either writes or reads are always going bad. newfs throws the error "newfs: can't...
  8. A

    FreeBSD 10.2 on GELI Encryption - OS Independent Booting

    PROS: Tow OSes taking full advantage of machine resources CONS: Missing share data capabilities but it is an upcoming fix. So far so good, dual booting Windows 7 and FreeBSD by taking full advantage of the machine resources. The mix involves hosting the FreeBSD root partition on same hard...
Top