Hello list!
I have set up a striped mirror;
Name Status Components
mirror/gmirror0 COMPLETE ada0 (ACTIVE)
ada1 (ACTIVE)
mirror/gmirror1 COMPLETE ada2 (ACTIVE)
ada3 (ACTIVE)
Name Status Components
stripe/stripe0 UP mirror/gmirror0
mirror/gmirror1
/dev/stripe/stripe0 1.8T 4.0K 1.8T 0% /raid10
Now I want to encrypt it, but is that wise? I mean you can remove a
disk from the mirror, won't that break the encryption? And the
mirror/stripe.
Encrypt the disks/partitions themselves, not the stripe or mirror. You
can then create mirrors of the resulting *.eli device nodes, then create
a stripe from the mirrors. You can unlock the disks/partitions at boot
thus:
1) First, run `geli configure -b <disk/partition>` on each encrypted
disk/partition, so you will be prompted for the passphrase for each
encrypted partition during boot.
2) Next, add the line 'geom_eli_passphrase_prompt=YES' to the file
/boot/loader.conf. This will add a passphrase prompt the boot menu,
allowing you to enter the passphrase for the disks one time only,
before the boot process begins.
--
:: Brandon J. Wandersee
:: ***@gmail.com
:: --------------------------------------------------
:: 'The best design is as little design as possible.'
:: --- Dieter Rams ----------------------------------