Skip to content
/ zfscrypt Public

Multi-disk encryption management tool for ZFS on FreeBSD

2 stars 0 forks Branches Tags Activity
Star
Notifications You must be signed in to change notification settings

mxk/zfscrypt

BranchesTags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

3 Commits
README.md
README.md
 
 
zfscrypt
zfscrypt
 
 

Repository files navigation

zfscrypt

Multi-disk encryption management tool for ZFS.

Until native ZFS encryption is implemented in FreeBSD, disks must be encrypted using geli(8). This script provides commands for managing multiple encrypted disks as one unit (i.e. without requiring multiple passphrases).

Disks are encrypted using keyfiles, which are kept in an encrypted keystore. The keystore is a small file-backed memory disk containing a UFS2 file system. To attach ZFS disks, the user enters their passphrase for the keystore, which then provides access to the keyfiles. A backup copy of the keystore is maintained in a dedicated partition on each member disk.

For more information run zfscrypt help.

Example

zfscrypt newks
zfscrypt init ada0 ada1 ada2
zfscrypt attach
zpool create tank raidz /dev/gpt/*.eli

About

Multi-disk encryption management tool for ZFS on FreeBSD

Topics

freebsd encryption zfs

Resources

Readme
Activity

Stars

2 stars

Watchers

3 watching

Forks

0 forks
Report repository

Releases

No releases published

Packages

No packages published

Languages