#geli — Public Fediverse posts
Live and recent posts from across the Fediverse tagged #geli, aggregated by home.social.
-
https://www.europesays.com/africa/152551/ Ciidamada Kenya oo fashiliyey isku day Al-Shabaab ay ku geli lahaayeen xadka Mandera #AlShabaab #ay #ciidamada #day #fashiliyey #geli #isku #Kenya #ku #lahaayeen #Mandera #oo #Xadka
-
GELI suspend/resume fails on non-rootfs partition …
<https://www.reddit.com/r/freebsd/comments/1pr7l2k/geli_suspendresume_fails_on_nonrootfs_partition/> | <https://forums.freebsd.org/threads/geli-suspend-resume-fails-on-non-rootfs-partition-destroys-data.100860/>
― intriguing
― help, please (in either Reddit, or the Forums, if you can).
-
... Wondering if Adrian possesses the forbidden knowledge...
... What in the heck "Geom ELI" actually means! 😂
(Yes, I have emailed the author. He was very affable, and quite entertained by my query, but didn't divulge the secret!)
-
Just ran into a good reason to use labels for your geli partitions. Years ago, when I replaced a drive, I did a geli init on it, and it was ada11 at the time. After a while I moved it's location so it became another ada. But the issue is that the old geli backup still has the name ada11 despite that device not existing. It also now means that I don't know what drive ada11 corresponds to if I do need to use it for a restore.
-
@nixCraft nearly all suitably encrypted. No FDE.
OpenZFS encryption for:
* the sensitive part of a mobile hard disk drive
* three low-spec USB memory sticks that add around 145 GiB persistent removable L2ARC to a circa 2014 HP ZBook with 32 G memory and a ~1 TB internal HDD.
GELI for 16 G swap.
GELI for 915 G /
tmpfs for /tmp/
<https://github.com/openzfs/zfs/issues/10256>
「… blocks in the L2ARC have the exact same on-disk representation as they do in the main pool. …」
geli(8) <https://man.freebsd.org/cgi/man.cgi?query=geli&sektion=8&manpath=freebsd-release> – automatically configured when FreeBSD was installed.
tmpfs(4) <https://man.freebsd.org/cgi/man.cgi?query=tmpfs&sektion=4&manpath=freebsd-current> (FreeBSD 15.0-CURRENT)
#FreeBSD #L2ARC #ZFS #OpenZFS #encryption #USB #memorystick #flash #flashdrive #mobile #GELI
-
#NomadBSD is nice! Solid xfce desktop, persistent USB session (or desktop installer), and even GELI* #FullDiskEncryption, even on persistent USB.
*It stands for "Geom ELI."
As far as i can tell, only one person on the earth knows what ELI stands for. Yes, the author. Yes, I have emailed him., No, he's not telling. No, it doesn't stand for Encryption Layer Interface. Yes, I asked. 😆 -
@tehpeh of <https://forums.freebsd.org/threads/geli-zfs-vs-zfs-native-encryption-performance.90970/> fame!
GELI+ZFS vs ZFS native encryption performance
-
OpenZFS Native Encryption
https://friendica.ambag.es/display/e0590d38-6865-85a7-59b7-ab5071780338
-
Committing Linux crimes. You might know I'm a #FreeBSD girl, so why not using my FreeBSD drive for Linux ?
My FreeBSD uses #GELI encryption + ZFS, what could possibly be less cursed than using the experimental #GELI port for Linux to map your root device containing a ZPOOL ?
So far, I created new datasets in my ZPOOL (from BSD on) and installed an Arch Linux base system onto it using the Linux emulation.
Got GELI to compile on Linux now still writing an initramfs hook for it !
Stay tuned 🎉 ! -
@tamtararam Hmmmm, I was rather thinking about the [#matrix] spec, key backup passphrase options in particular, but yeah, that one too 😂 ... Glad I use ZFS on FreeBSD, so no grub but #GELI ...
-
(tl;dr summary: trying to get data from encrypted FreeBSD disks on Linux)
Scenario: I had an old server running #FreeBSD, which I'm wanting to migrate to a new server running Linux. I put a couple of SSDs in the new machine to use as a mirror, and set up the basics.
I've now moved the disks to the new server, but actually using them directly is a bit of a faff since I encrypted my root pool's disks with geli. I found Portable Geli (https://github.com/bijanebrahimi/portable-geli) and hoped that would work for me, but after some experimentation I realised it doesn't support keyfiles, and my setup used one.
Now, I've created a VM on the new server and passed the disks through to it and reconfigured the boot config to let me effectively boot my old server, but it would be nice to not have to do this and just have the data be directly available on Linux.
Does anyone know if it would be incredibly frustrating for someone with very little in the way of C skills to lift the code to support keyfiles from geli and add it to portable geli, or alternatively how terrible an idea it might be to remove one drive from the (RAIDZ, 4x3TB) pool at a time, reinitialise it with LUKS, and add it back in and wait for it to resilver? The disks are pretty old, which I hope makes them more trustworthy than they would be if they were brand new...