| 1 |
On Wed, 14 May 2014 01:09:17 +0200, Stefan G. Weichinger wrote: |
| 2 |
|
| 3 |
> >> How to transform partitions/directories set up with cryptsetup |
| 4 |
> >> into this new world? Set up a btrfs on top of the crypted fs ? I |
| 5 |
> >> ask because I look for a clean setup for my 2 thinkpads. |
| 6 |
> > |
| 7 |
> > Encrypt the partition(s) with cryptsetup and them use the devices |
| 8 |
> > in /dev/mapper to create the volumes. That's how I have my ZFS |
| 9 |
> > pools set up and I'm looking to do the same when I try BTRFS. |
| 10 |
> |
| 11 |
> Doesn't that screw up the whole idea of checksumming etc ? |
| 12 |
|
| 13 |
Not to my mind. The bits are recorded and checksummed, that's what |
| 14 |
matters. If a bit on a platter is flipped, the decrypted bits will also |
| 15 |
change. |
| 16 |
|
| 17 |
> In my understanding the FS (=btrfs or zfs) should have the direct |
| 18 |
> contact to the "metal" (=hdd/sdd) to be fully able to detect bitrot |
| 19 |
> and stuff. |
| 20 |
|
| 21 |
It is a recommended method of encryption in the BTRFS FAQ. |
| 22 |
|
| 23 |
https://btrfs.wiki.kernel.org/index.php/FAQ#Does_btrfs_support_encryption.3F |
| 24 |
|
| 25 |
As btrfs does not support encryption itself, this or ecryptfs are the |
| 26 |
only options. |
| 27 |
|
| 28 |
|
| 29 |
-- |
| 30 |
Neil Bothwick |
| 31 |
|
| 32 |
ASSISTANT MANAGER: Feminine form of the word manager (q.v.). |
Archives