Re: Is ZFS native encryption safe to use?
- Reply: Fabian Keil : "Re: Is ZFS native encryption safe to use?"
- In reply to: infoomatic : "Re: Is ZFS native encryption safe to use?"
- Go to: [ bottom of page ] [ top of archives ] [ this month ]
Date: Wed, 13 Sep 2023 11:33:39 UTC
On 24/08/2023 13:08, infoomatic wrote: > On 24.08.23 00:43, Dewayne wrote: >> Thx for the performance hint. Were you using the same cipher on each? > > Yes, I have tried various combinations, but the difference was so huge > that I did not let the benchmarks finish cause I felt it was wasted time > and resources! > > >> On 23/08/2023 5:34 pm, infoomatic wrote: >>> last time (when 13.0 was released) I compared them: >>> >>> *) GELI + normal zfs was significantly faster than encrypted-zfs >>> *) encrypted zfs to share files between Linux and FreeBSD did not work >>> properly, resulting in Files non-readable on FreeBSD >>> Might be obvious, but I should make the point that if you use GELI to encrypt anything on FreeBSD, Linux won't be able to read it so it's just as much of a cross-platform problem as ZFS encryption not being portable. Another observation on the use cases - if you're backing up encrypted ZFS datasets the backups are encrypted; if you backup from GELI they will be clear unless you encrypt them again.