Recent GELI additions.
Pawel Jakub Dawidek
pjd at FreeBSD.org
Sat Sep 25 17:49:55 UTC 2010
Hi.
I'd like to inform about three new features in GELI available in HEAD:
1. AES-XTS encryption. XTS mode is a standard that is recommended these
days for storage encryption. This is the default now. AES-XTS support
was also added to opencrypto framework and aesni(4) driver.
2. Multiple encryption keys. GELI will use one encryption key for at
most 2^20 blocks (sectors), as it is not recommended to use the same
encryption key for too much data. It generates keys array from the
master key on attach and uses it accordingly. This is the default now.
3. Passphrase can now be loaded from a file (-J and -j options).
--
Pawel Jakub Dawidek http://www.wheelsystems.com
pjd at FreeBSD.org http://www.FreeBSD.org
FreeBSD committer Am I Evil? Yes, I Am!
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 196 bytes
Desc: not available
Url : http://lists.freebsd.org/pipermail/freebsd-current/attachments/20100925/b6baa454/attachment.pgp
More information about the freebsd-current
mailing list