Recent comments on posts in the blog:

Does commenting still work?


Comment by blogtest Tue Sep 17 05:05:07 2019

It seems to work :-)


Comment by fj Tue Sep 17 05:05:07 2019
For performance ideas, have a look at Dan Langille's results. He has looked much more at this than I have.
Comment by fj Mon Feb 25 10:21:17 2013

Performance depends on your CPU. If it can not encrypt/decrypt the data fast enough, you are going to wait on it.

My home server is a HP MicroServer N36L. It has an Atom-like dual core CPU, running at 1.3GHz. Not a speedmonster in any way. 4 drives attached, running raidz1.

I can read around 55MB/s from the encrypted ZFS. While doing this, the CPU is maxed out.

If your server has a modern high performance CPU, you will be able to saturate a 1Gb link with no problem.

Comment by fj Fri Feb 22 17:41:17 2013

I've been considering converting my Windows Server 2008r2 setup with 6x3TB in raid 5 to a ZFS built with encryption. So i'd be using FreeBSD 9.1 + GELI + ZFS raidz1 or z2 pool.

What kind of performance can I expect? Can I easily saturate a 1 gbit connection? And how much CPU does it use? Is the performance cpu or hdd bound? And if so, which cpu do you use?

Hopefully you can give me some more insight.


Comment by sukosevato Mon Feb 18 00:24:17 2013

(Sorry about the delay. I have not yet set up monitoring of the comment moderation queue. UPDATE: This has been fixed now)

I do not understand why you would want more than 3 parity disks. The ability to loose 3 disks before loosing data is pretty OK. Are you sure that you are not confusing the number of disks in the pool with the number of parity disks?

As for truecrypt, you might be looking for /usr/ports/security/truecrypt

Comment by fj Thu Aug 30 20:41:17 2012


Thank you for documenting this experiment/observation with others. I really appreciate it. I am a bsd noob trying to covert my system to bsd and very much interested in encrypted zfs. I read somewhere that zfs only supports up to 3 raidz parity disks as I found out here -> and so does most of the example I found on the net.

Another question, Are there any functionality/programs like truecrypt in bsd where I can hide partitions/(pools?) in bsd just like in linux/windows ?

Thank you again for a thoughtful write-up on encrypted zfs.

Comment by hafidz Thu Aug 16 15:09:35 2012

Tarsnap er fint for den paranoide geek.

rsnapshot for os knap så paranoide geeks

og gmail/dropbox/usb lignende løsninger for de resterende 99.9% af jordens befolkning

men off-site backup er generelt et godt råd

Dropbox er afgjort en god løsning for de fleste.
De sikkerheds issues der er ved servicen, er ikke relevante for de fleste almindelige brugere.

Man skal dog huske at den stjålne laptop vil have adgang til at slette data i dropbox.
Ikke noget der vil være et problem i de fleste situationer med en mistet laptop, men dog en pointe.

Comment by fj Tue Jun 7 13:26:54 2011

Jeg har også pushet til venner og bekendte. En nem måde at få taget en kopi og få den sendt væk fra computeren.

Sikkerheden for at amazon s3 så ikke smider vores data væk og sikkerheden mod at nogen læser mine filer....tjaeh tjoeh... Erfaringen viser at det er mere sandsynligt at min taske bliver stjålet :)