Just a few days ago I was turning my single disk ZFS pools into mirrors. By mistake I created a top-level vdev, so I had to-recreate the pool. In this post I’ll cover how to restore the data from a snapshot and how to create a mirror from single disk.
Continue reading Restore ZFS pool from snapshot, turn single disk vdev into mirrorCategory: zfs
Encrypting existing volumes in ZFS using zfs send and zfs recv
Let’s say you want to encrypt your previously not encrypted data – in my example a ZFS pool. A good way to do so is to simply use zfs send and zfs receive. These commands can be used to transfer ZFS data streams. The procedure is pretty simple. Create a snapshot, transfer this snapshot using zfs send and receive it using zfs receive.
Continue reading Encrypting existing volumes in ZFS using zfs send and zfs recvEncryption of ZFS volumes using a remote / external key-system written in PHP
I thought a long time about what security benefits I have if I store the encryption key of a volume on the same system (locally). Let me share some of these thoughts with you. Then I’ll show you my approach using a self-written key-system in PHP (using RedBeanPHP and Sqlite) and finally I’ll show you how to use this with ZFS.
Continue reading Encryption of ZFS volumes using a remote / external key-system written in PHP