FreeBSD 10: Full ZFS encryption with bsdinstall
FreeBSD 10-RELEASE with ZFS encryption is being tested and rolled out as we speak!
You can check out the code changes that implement this here: https://github.com/freebsd/freebsd/commit/4ff80fc958fa143107ee77b1b5e699102342cdf1
Watch ZFS full encryption install on Youtube
And yes you can do full ZFS encryption install from bsdinstall!
Check out this video for a quick run through and see how the new installer has changed to support full ZFS encryption.
It’s good to see this feature added to the standard installer. I am glad the installer from PC-BSD wasn’t just dropped in, it works well but I for one don’t want to install FreeBSD using an X11 GUI.
Encryption is implemented using geli(8) , this does mean you will need to set an encryption key with a pass phrase which you will need to enter each time you boot the system, perhaps not to good for a server sitting in a data centre with out any out-of-bands.