nice, check what i'm thinking about... 1) i start mariadb without keys i start my app here i must check that all tables are 'unlocked' and read to use, we will have a method to this? at mysql_connect i will check if keys are loaded, maybe a SHOW STATUS like 'encryption_keys_loaded' = 1 or 0
2) about externall acess to include encryption/key maybe a sql statment? INSERT INTO mysql.encrypt_keys (key,value) value (1,"abcdefg.....") just an idea about external key uploading or an external server (no problem) 2014-06-20 9:51 GMT-03:00 Elmar Eperiesi-Beck <el...@eperiesi-beck.de>: > At startup the keys will be read once and kept in memory. Normaly you are > not going to encrypt 1000 tables, because you just encrypt the content that > is confidential. But yes- each key has to be in the memory. Or you use an > external encryption/key server that handels the encryption and the > key-management outside the DB. > > We enhanced the concept, that it is possible to deliver the key manually at > server startup. You can have it e.g. on a pendrive and start the server with > the keys as a backup. > > > > Am 17.06.2014 um 18:55 schrieb Roberto Spadim <robe...@spadim.com.br>: > > humm, now i'm thinking as a data warehouse > think about installing a server (server 1) in somewhere (maybe saara > desert).... i connect the "server 1" to internet, and configure the server > uri to point to my central server (server central), maybe at moon > > when the mysqld/mariadbd start, it will contact the central server and get > all keys, or only get keys when i need? for example a server with 1000 > tables and 1000 diferent keys, they are all stored at memory at boot time, > or only when i need read/write access to that table? > > if i remove the internet link, the "server 1" will not read tables, right? > in this case, if i have the keyfile in a pendrive, or a cd or dvd, could i > redirect it to a key file and start database, as a backup solution? > > > -- Roberto Spadim SPAEmpresarial Eng. Automação e Controle _______________________________________________ Mailing list: https://launchpad.net/~maria-developers Post to : maria-developers@lists.launchpad.net Unsubscribe : https://launchpad.net/~maria-developers More help : https://help.launchpad.net/ListHelp
