Hi @misc,
Is there anything problematic about encrypting vnode devices with
softraid0? I made this work on two USB drives and it seems to be fine.
For example, if I have a pre-existing external RAID5 array with 20TB of
pooled storage (filesystem type 4.2BSD), and I want to encrypt a 2TB
portion of it.
Create a 2TB file:
# dd if=/dev/urandom of=/mnt/cryptfile bs=1g count=2000
Create and format the vnode:
# vnconfig vnd0 /mnt/cryptfile
# fidisk -iy -g -b 960 vnd0
# disklabel -E vnd0 (Make one big 'a' partition of type 'RAID')
Create and format the crypto device, using a keydisk:
# bioctl -c C -k sd2a -l vnd0a softraid0
(device attached as sd3)
# dd if=/dev/zero of=/dev/rsd3c bs=1m count=1
# fdisk -iy -g -b 960 sd3
# disklabel -E sd3 (Make one big 'a' partition of type 4.2BSD)
# newfs sd3a
Mount the crypto device:
# mount /dev/sd3a /mnt/crypto_device
I feel like this method offers flexibility for those who don't need
full-disk encryption.
