I forgot about lofi zones/$UUID--lofi-backend0 ---> /dev/$UUID--lofi-device0
vmadm get $UUID | json disks | grep zfs_filesystem zfs_filesystem": "zones/$UUID--lofi-device0" or something like the above On Sat, Mar 14, 2015 at 5:11 PM, Richard Elling < [email protected]> wrote: > > On Mar 14, 2015, at 2:08 PM, Jonathan Paget via smartos-discuss < > [email protected]> wrote: > > >> Are there any encryption options? > > Your only real option is for a KVM guest to use encryption inside a Zone > (CentOS and Ubuntu offer encryption at their install screens). Some > people use ZVOLs as back-ends for FreeBSD's GELI on FreeBSD, or use GELI to > encrypt the underlying vdevs of their zpool, but FreeBSD Jails aren't > anywhere near a complete alternative to zones. > > > lofi on SmartOS, managed with the lofiadm command. There would be some > assembly required, but shouldn't need any new code. > -- richard > > > If you need to run Windows guests, you could probably find a way to > PXE-boot them off of iSCSI targets (running in another Zone) that have > encrypted back-ends or just have them use Samba to access encrypted volumes. > > > Yes I understand everything I typed above is very ugly. I would really > like to see encrypted added to the illumos/ZFS or OpenZFS feature set, > would do it myself if I currently held the necessary skillset. > > > On Sat, Mar 14, 2015 at 2:00 PM, George Linn via smartos-discuss < > [email protected]> wrote: > >> Are there any encryption options? Specifically if the SmartOS >> installation is used primarily for hosting Zones. Could sleep better >> knowing that if my machine was physically compromised my data would be a >> bit more difficult to access. >> >> ------------------------------ >> *From:* Brian Bennett via smartos-discuss < >> [email protected]> >> *To:* [email protected]; George Linn < >> [email protected]> >> *Sent:* Saturday, March 14, 2015 4:29 PM >> *Subject:* Re: [smartos-discuss] ZFS encryption >> >> ZFS encryption was integrated into Solaris 11 after OpenSolaris updates >> stopped. That's not to say it couldn't be added, but it hasn't been a >> priority so far. >> >> -- >> Brian Bennett >> Systems Engineer, Cloud Operations, Joyent, Inc. >> 655 Montgomery St., Suite 1600 | San Francisco | California | 94111 >> [email protected] | www.joyent.com >> office 415-400-0645 | mobile 619-663-IPv6 >> >> >> >> On Mar 14, 2015, at 11:17 AM, George Linn via smartos-discuss < >> [email protected]> wrote: >> >> After some searching, it seems that there is no integrated encryption for >> ZFS in SmartOS that would allow something like the following to happen: >> >> *zfs create -o encryption=on rpool/export/somthing* >> >> Can encryption be used with ZFS at all on SmartOS? I see some examples >> of creating encrypted block devices in OpenIndiana but I am not sure how >> this is helpful in a general sense on SmartOS since my disk space is all >> allocated during the initial installation of SmartOS. >> >> >> *smartos-discuss* | Archives >> <https://www.listbox.com/member/archive/184463/=now> >> <https://www.listbox.com/member/archive/rss/184463/26986985-d0246faa> | >> Modify <https://www.listbox.com/member/?&;> Your Subscription >> <http://www.listbox.com/> >> >> >> >> >> >> >> >> ------------------------------------------- >> smartos-discuss >> Archives: https://www.listbox.com/member/archive/184463/=now >> RSS Feed: >> https://www.listbox.com/member/archive/rss/184463/26967883-1315225c >> Modify Your Subscription: https://www.listbox.com/member/?&; >> Powered by Listbox: http://www.listbox.com >> >> >> *smartos-discuss* | Archives >> <https://www.listbox.com/member/archive/184463/=now> >> <https://www.listbox.com/member/archive/rss/184463/26912851-a47b45cc> | >> Modify <https://www.listbox.com/member/?&;> Your Subscription >> <http://www.listbox.com/> >> > > *smartos-discuss* | Archives > <https://www.listbox.com/member/archive/184463/=now> > <https://www.listbox.com/member/archive/rss/184463/21953302-fd56db47> | > Modify > <https://www.listbox.com/member/?&;> > Your Subscription <http://www.listbox.com/> > > > ------------------------------------------- smartos-discuss Archives: https://www.listbox.com/member/archive/184463/=now RSS Feed: https://www.listbox.com/member/archive/rss/184463/25769125-55cfbc00 Modify Your Subscription: https://www.listbox.com/member/?member_id=25769125&id_secret=25769125-7688e9fb Powered by Listbox: http://www.listbox.com
