- Joined
- May 17, 2014
- Messages
- 3,611
The recent GITHUB pull requests for native ZFS encryption for Linux got me curious. I have my old media server just hanging around, so I set up a test. It took 10 times longer to copy and update the Linux OS than it did for my ZFS native encryption testing. (Basically I copied my new media server Linux' OS to my old media server, then made the modifications and updates. ZFS send & receive to the rescue!)
The encryption seemed to work flawless. I used a simple setup, so no encrypted root and no auto-mounting at boot. Plus, used a passphrase not key. A reboot and verification of the data worked perfectly.
All that said, I still would not use this in production. I may submit a few updates to the manual page, since it lacked a few details. But, I need to re-read it and compose my suggestion(s) carefully.
I do understand encryption to some degree, but I would not consider myself an expert. So beyond usability features, documentation and any data loss investigation, I would not be able to help.
Anyone here have straight forward questions?
Edit: Added link to Tom's video on OpenZFS encryption;
https://www.youtube.com/watch?v=frnLiXclAMo
The encryption seemed to work flawless. I used a simple setup, so no encrypted root and no auto-mounting at boot. Plus, used a passphrase not key. A reboot and verification of the data worked perfectly.
All that said, I still would not use this in production. I may submit a few updates to the manual page, since it lacked a few details. But, I need to re-read it and compose my suggestion(s) carefully.
I do understand encryption to some degree, but I would not consider myself an expert. So beyond usability features, documentation and any data loss investigation, I would not be able to help.
Anyone here have straight forward questions?
Edit: Added link to Tom's video on OpenZFS encryption;
https://www.youtube.com/watch?v=frnLiXclAMo
Last edited: