Crypto

I have covered just about everything possible for drive encryption in OpenBSD. My last post is on using the least recommended option for encrypted volumes. It is slower, unsupported, and unfortunately the best option for seamless operations :) The best way to think about svnd is if you have used truecrypt, it is very similar in that you create an image rather than actually encrypting the entire partition. Using some fancy linking and auto mounts you can use it for hosting your /home /tmp and others. The instructions are below, but unlike the last howto it assumes your system is already installed. This is because svnd does not require you to modify the system prior to /install and can be a good security implementation to use if you are already up and running: ...

My original idea was to post a dual how-to for both softraid and svnd, but due to the size of the posts with screenshots, I have decided against that. Since softraid is the path forward in the OpenBSD world I will start here. This post is not dial-up friendly, so be patient while it loads from my poor server. This post is part of my larger OpenBSD crypto series for which the other posts are below: ...

Let me start by saying I am not a benchmarker. At all…so these results are posted for friendly banter and I make no claim to their validity. Consider this the glxgears of filesystem testing. The testing was done with two identical OpenBSD 4.8 installs running in VMware Fusion 3.1 on a Mac Mini Server. The bonnie test was done to the same /home partitions mounted in crypto volumes. In green you will find the winner for each category. ...