public inbox for [email protected]
help / color / mirror / Atom feedFrom: Bruce Momjian <[email protected]>
To: Adam Vande More <[email protected]>
Cc: Peter Eisentraut <[email protected]>
Cc: [email protected]
Subject: Re: Data Partition Encryption documentation
Date: Fri, 6 Dec 2013 09:47:59 -0500
Message-ID: <[email protected]> (raw)
In-Reply-To: <[email protected]>
References: <CA+tpaK19-Xb5MD7D-EOxJh811OryKZY8tXEVvarRDP--=SbZ4A@mail.gmail.com>
<[email protected]>
<CA+tpaK3Xshy2FhGQix3tuUYUs49gLYjpYPeXq-o1b-q3PRHwOA@mail.gmail.com>
<[email protected]>
List-Unsubscribe: <mailto:[email protected]?body=unsub%20pgsql-docs>
On Mon, Dec 2, 2013 at 04:15:00PM -0500, Bruce Momjian wrote:
> > pseudo diff
> >
> > -"On Linux, encryption can be layered on top of a file system using a "loopback
> > device". This allows an entire file system partition to be encrypted on disk,
> > and decrypted by the operating system. On FreeBSD, the equivalent facility is
> > called GEOM Based Disk Encryption (gbde), and many other operating systems
> > support this functionality, including Windows."
> >
> > +"There are at least two methods of encrypting a file system. The first is to
> > use a tool which implements an encrypted file system. On Linux, eCryptfs or
> > EncFS are commonly used for this while FreeBSD uses PEFS. The other and
> > perhaps more common method is to encrypt the block device a file system or swap
> > partition resides on. These types of solutions can also provide full disk
> > encryption. Linux generally uses dm-crypt + LUKS for this functionality with
> > other options dependent on kernel version/distro. On FreeBSD, there are two
> > GEOM modules to encrypt block devices: geli & gbde with geli being the
> > preferred solution for speed, security, and options. Many other operating
> > system have their own method of block device or full disk encryption."
>
> I have developed the attached doc patch to improve our details around
> storage encryption.
Patch applied.
--
Bruce Momjian <[email protected]> http://momjian.us
EnterpriseDB http://enterprisedb.com
+ Everyone has their own god. +
--
Sent via pgsql-docs mailing list ([email protected])
To make changes to your subscription:
http://www.postgresql.org/mailpref/pgsql-docs
view thread (5+ messages)
reply
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Reply to all the recipients using the --to and --cc options:
reply via email
To: [email protected]
Cc: [email protected], [email protected], [email protected]
Subject: Re: Data Partition Encryption documentation
In-Reply-To: <[email protected]>
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
This inbox is served by agora; see mirroring instructions
for how to clone and mirror all data and code used for this inbox