FreeBSD 10: Full ZFS encryption with bsdinstall

FreeBSD 10-RELEASE with ZFS encryption is being tested and rolled out as we speak!

You can check out the code changes that implement this here:

Watch ZFS full encryption install on Youtube

And yes you can do full ZFS encryption install from bsdinstall!

Check out this video for a quick run through and see how the new installer has changed to support full ZFS encryption.

It’s good to see this feature added to the standard installer. I am glad the installer from PC-BSD wasn’t just dropped in, it works well but I for one don’t want to install FreeBSD using an X11 GUI.

Encryption is implemented using geli(8) , this does mean you will need to set an encryption key with a pass phrase which you will need to enter each time you boot the system, perhaps not to good for a server sitting in a data centre with out any out-of-bands.

You may also like...

  • Olivier Cochard

    “cat file | grep string” => UUOC ! :-)
    Can we install a geli volume on top of the zpool in place on top of each disk ?
    It will avoid to have to type n times the geli password (with n=number of disks).

  • BSD

    I just upgraded from 9.2-STABLE to 10.0-STABLE. After upgrading I moved to pkg but now when I try to recompile all my ports with portmaster I get this error:

    make: “/usr/ports/Mk/” line 118: warning: Couldn’t read shell’s output for “/usr/local/bin/mysql –version | /usr/bin/sed -e ‘s/.*Distrib ([0-9]).([0-9]*).*/12/'”
    Shared object “” not found, required by “mysql”
    Shared object “” not found, required by “mysql”
    ===>>> This port is marked IGNORE
    ===>>> cannot install: unknown MySQL version:

    ===>>> If you are sure you can build it, remove the
    IGNORE line in the Makefile and try again.

    Any ideas??

    • bones

      install lang/gcc from ports. This will bring back libstdc++