[CentOS] Best configuration for encrypted software RAID 1?
Dave Johansen
davejohansen at gmail.com
Sat May 18 01:48:34 UTC 2013
On Fri, May 17, 2013 at 12:04 PM, SilverTip257 <silvertip257 at gmail.com> wrote:
>
> On Fri, May 17, 2013 at 12:42 PM, SilverTip257 <silvertip257 at gmail.com>wrote:
>
> > On Fri, May 17, 2013 at 11:21 AM, Dave Johansen <davejohansen at gmail.com>wrote:
> >
> >>
> >> >
> >> > [0] https://wiki.archlinux.org/index.php/Dm-crypt_with_LUKS
> >>
> >> Thanks for the feedback. I'm actually doing this through an Anaconda
> >> config file and I'm using the following settings:
> >>
> >> part raid.boota --size=500 --ondisk sda
> >> part raid.bootb --size=500 --ondisk sdb
> >> raid /boot --fstype=ext4 --level=1 --device=md0 raid.boota raid.bootb
> >> part raid.slasha --grow --size=500 --ondisk sda
> >> part raid.slashb --grow --size=500 --ondisk sdb
> >> raid / --fstype=ext4 --level=1 --encrypted --passphrase=<passphrase>
> >> --device=md1 raid.slasha raid.slashb
> >>
> >> Is that the "right" way to do it? Or is there a configuration that
> >> would work better?
> >>
> >
> > That looks right. Maybe somebody else will have a tip.
> >
>
> You might also reference the advanced example here [0].
>
> [0]
> http://www.centos.org/docs/5/html/Installation_Guide-en-US/s1-kickstart2-options.html#s2-kickstart2-options-part-examples
That example is helpful for the RAID stuff, but it doesn't show an
example of encryption and so that's what my question is really about.
Should the raid line have the encryption like I have in my example? Or
should it be on each of the partitions? I'm just curious if there's a
pro/con to each of those options. My very basic/quick testing seemed
to indicate that doing it on the raid line was the better solution,
but I was just wondering if anyone had experience with this?
Thanks,
Dave
More information about the CentOS
mailing list