From owner-freebsd-questions@FreeBSD.ORG Mon Nov 14 23:51:02 2011 Return-Path: Delivered-To: freebsd-questions@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id 551521065670 for ; Mon, 14 Nov 2011 23:51:02 +0000 (UTC) (envelope-from rwmaillists@googlemail.com) Received: from mail-ww0-f42.google.com (mail-ww0-f42.google.com [74.125.82.42]) by mx1.freebsd.org (Postfix) with ESMTP id DB3BB8FC13 for ; Mon, 14 Nov 2011 23:51:01 +0000 (UTC) Received: by wwi18 with SMTP id 18so5568380wwi.1 for ; Mon, 14 Nov 2011 15:51:00 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=googlemail.com; s=gamma; h=date:from:to:subject:message-id:in-reply-to:references:x-mailer :mime-version:content-type:content-transfer-encoding; bh=I6NWOHmfwcXI0ez0Rsf1iXWwCTYRIqpnGAp7tZ0584I=; b=xYRrwaVI9fjd9sE4qBZJS5ok11SjPia4brtJCggBd0dAh4Z3XH/n3eRnWM8cJHabi4 Rsv8T5w+Jqj5mwnqSDr0RUXiZ2W/UF3xDD2soseeic8vmPSTGCiScR28MQlge0O6PI9C /pcIH9Hx0xQyaIGHvnU8S0iJIg2xBetWmUi6M= Received: by 10.216.90.4 with SMTP id d4mr4393008wef.22.1321314660747; Mon, 14 Nov 2011 15:51:00 -0800 (PST) Received: from gumby.homeunix.com (87-194-105-247.bethere.co.uk. [87.194.105.247]) by mx.google.com with ESMTPS id ep16sm22091291wbb.21.2011.11.14.15.50.58 (version=SSLv3 cipher=OTHER); Mon, 14 Nov 2011 15:50:59 -0800 (PST) Date: Mon, 14 Nov 2011 23:50:54 +0000 From: RW To: freebsd-questions@freebsd.org Message-ID: <20111114235054.7c1e96c3@gumby.homeunix.com> In-Reply-To: <908814265.20111115000600@yandex.ru> References: <1274456846.20111114215728@yandex.ru> <20111114205141.2bf80ae1@gumby.homeunix.com> <908814265.20111115000600@yandex.ru> X-Mailer: Claws Mail 3.7.10 (GTK+ 2.24.6; amd64-portbld-freebsd8.2) Mime-Version: 1.0 Content-Type: text/plain; charset=windows-1251 Content-Transfer-Encoding: 8bit Subject: Re: geli + journal X-BeenThere: freebsd-questions@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: User questions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Mon, 14 Nov 2011 23:51:02 -0000 On Tue, 15 Nov 2011 00:06:00 +0200 Коньков Евгений wrote: >catch idea, but some question: > in this situation .eli.journal journal device will not be encrypted? > can you describe how data flow will be? The journal is encrypted unless you choose to put it on a separate non-encrypted device. In principle the data is encrypted into the journal, decrypted from the journal and then re-encrypted into its final location. In practice I've found that in file copying between disks, writing uses about twice as much cpu time as reading, so maybe the decryption from the journal can be avoided by caching.