1 |
On Wed, 14 May 2014 01:09:17 +0200, Stefan G. Weichinger wrote: |
2 |
|
3 |
> >> How to transform partitions/directories set up with cryptsetup |
4 |
> >> into this new world? Set up a btrfs on top of the crypted fs ? I |
5 |
> >> ask because I look for a clean setup for my 2 thinkpads. |
6 |
> > |
7 |
> > Encrypt the partition(s) with cryptsetup and them use the devices |
8 |
> > in /dev/mapper to create the volumes. That's how I have my ZFS |
9 |
> > pools set up and I'm looking to do the same when I try BTRFS. |
10 |
> |
11 |
> Doesn't that screw up the whole idea of checksumming etc ? |
12 |
|
13 |
Not to my mind. The bits are recorded and checksummed, that's what |
14 |
matters. If a bit on a platter is flipped, the decrypted bits will also |
15 |
change. |
16 |
|
17 |
> In my understanding the FS (=btrfs or zfs) should have the direct |
18 |
> contact to the "metal" (=hdd/sdd) to be fully able to detect bitrot |
19 |
> and stuff. |
20 |
|
21 |
It is a recommended method of encryption in the BTRFS FAQ. |
22 |
|
23 |
https://btrfs.wiki.kernel.org/index.php/FAQ#Does_btrfs_support_encryption.3F |
24 |
|
25 |
As btrfs does not support encryption itself, this or ecryptfs are the |
26 |
only options. |
27 |
|
28 |
|
29 |
-- |
30 |
Neil Bothwick |
31 |
|
32 |
ASSISTANT MANAGER: Feminine form of the word manager (q.v.). |