hello Al
I know lofi and have even implemented management of lofi encrypted pools
in napp-it. But lofi is not a competitive solution to BSD or Linux disk
encryption for file server use (Lofi is very good to backup a smaller
amount of encrypted data to unsecure places) and by far not competitive
to native Solaris encryption with encryption as a filesystem property
where each filesystem can have its own key.
As I know that Datto has implemented native ZFS encryption with supposed
requests from all Open-ZFS platforms as a superiour solution, I hope
that this will merge into Illumos soon, see
https://www.datto.com/blog/zfs-encryption-will-hopefully-come-to-the-openzfs-community
https://zfs.datto.com/slides/caputi.pdf
The new EU law with fines up to 10 Mio Euro or 2 % of a worldwide volume
of sales even on smaller infringements or 20 Mio Euro or 4% of a
worldwide volume of sales for grave ones may require to force all
efforts to implement technical precautionary measures for a state of the
art data security.
I expect a massive wave of adhortatory letters next year....
Gea
@napp-it.org
Am 25.10.2017 um 13:35 schrieb Al Slater:
Hi Guenther,
On 24/10/17 11:45, Guenther Alka wrote:
Currently Illumos lacks this feature so it may be that this is a
criteria that rules out Illumos based systems in various use cases in
favour of Solaris or BSD/ZoL solutions with disk based encryption.
Illumos does have methods for disk encryption, just not ZFS native yet.
See
https://blogs.oracle.com/darren/encrypting-zfs-pools-using-lofi-crypto
on how to encrypt ZFS volumes
What is the state of native ZFS encryption in Illumos - derived from
Datto/ZoL as encryption moves from a nice to have to an absolutely
mandatory feature then?
------------------------------------------
illumos-discuss
Archives:
https://illumos.topicbox.com/groups/discuss/discussions/Tc490ebf4eeea4b13-M194ec6abf951aefc49743235
Powered by Topicbox: https://topicbox.com
