A quick-start guide to OpenZFS native encryption
Read Time:55 Second

A quick-start guide to OpenZFS native encryption

0 0

Enlarge / On-disk encryption is a complex topic, but this article should give you a solid handle on OpenZFS’ implementation. (credit: Paul Downey / Flickr)

One of the many features OpenZFS brings to the table is ZFS native encryption. First introduced in OpenZFS 0.8, native encryption allows a system administrator to transparently encrypt data at-rest within ZFS itself. This obviates the need for separate tools like LUKS, VeraCrypt, or BitLocker.

OpenZFS encryption algorithm defaults to either aes-256-ccm (prior to 0.8.4) or aes-256-gcm (>= 0.8.4) when encryption=on is set. But it may also be specified directly. Currently supported algorithms are:

aes-128-ccm
aes-192-ccm
aes-256-ccm (default in OpenZFS < 0.8.4)
aes-128-gcm
aes-192-gcm
aes-256-gcm (default in OpenZFS >= 0.8.4)

There’s more to OpenZFS native encryption than the algorithms used, though—so we’ll try to give you a brief but solid grounding in the sysadmin’s-eye perspective on the “why” and “what” as well as the simple “how.”

Read 49 remaining paragraphs | Comments

About Post Author

Happy
Happy
0 %
Sad
Sad
0 %
Excited
Excited
0 %
Sleepy
Sleepy
0 %
Angry
Angry
0 %
Surprise
Surprise
0 %

Average Rating

5 Star
0%
4 Star
0%
3 Star
0%
2 Star
0%
1 Star
0%

Leave a Reply

Your email address will not be published.

This site uses Akismet to reduce spam. Learn how your comment data is processed.

Previous post The chip shortage will likely get worse before it gets better
Next post EA confirms Battlefield 2042 will use bots to help fill its 128-player servers