On Tue, 25 Nov 2014, Jason Tubnor wrote:
With crypto being deprecated (and possibly removed in future versions
- depending on dev direction) from vnconfig, would the following be
assumed one way of providing an encrypted container?
To create 200MB encrypted container:
sudo dd if=/dev/zero of=/var/encrypt/container.encrypt bs=1m count=200
sudo chmod 600 /var/encrypt/container.encrypt
sudo vnconfig vnd0 /var/encrypt/container.encrypt
printf "a\n\n\n\nRAID\nw\nq\n\n" | sudo disklabel -E vnd0
sudo bioctl -c C -l vnd0a softraid0
## Enter your secret passphrase here....
sudo dd if=/dev/zero of=/dev/rsd1c bs=1m count=1
printf "a\n\n\n\n4.2BSD\nw\nq\n\n" | sudo disklabel -E sd1
sudo newfs /dev/rsd1a
sudo mount /dev/sd1a /encrypt
##
When I tried this a couple of months ago I saw double figure of written
bytes to the host device (where /var/encrypt resides in your case) than
what I was actually writing to the softraid volume (/dev/sd1c in your
case). It did not look neither efficient, nor healthy. Try dd if=/dev/zero
of=/dev/rsd1c bs=1m while watching systat/iostat at the same time. Is it
still the case?
Regards,
David
