In message <http://marc.info/?l=openbsd-misc&m=125695406905777&w=1>
Ted Unangst wrote (commenting on using svnd for encrypting /home on
an OpenBSD laptop)
> 2. People should be advised to use softraid crypto now.
I'd like to ask a more general question: what are the tradeoffs between
svnd and softraid for this sort of application (encrypting /home or
some other piece(s) of a laptop's disk)?
Please note I am *not* trying to be argumentative here -- I would
genuinely like to find out more about the tradeoffs. I currently have
multiple svnd-encrypted filesystems on 2 laptops + 2 external backup
disks), and I'd like to make an informed decision about whether to stay
with svnd for these, or start planning a move to softraid.
I've read the basic FMs svnd(4), vnconfig(8), softraid(4), and bioctl(8),
and I've browsed /usr/src/sys/dev/{vnd.c,softraid_crypto.c}. And I
understand (and 100% agree with) Tad's comment
> 4. If you stick with vnconfig, I'd make a slightly bigger deal about
> backing up the salt. People may have a tendency to copy the vnd
> backing file as a backup, omitting the salt, which makes it impossible
> to restore. softraid stores the salt with the raidinfo, so you
> whatever you're doing for backup, you aren't as likely to omit it.
Are there other FMs I should R to learn more?
ciao,
--
-- "Jonathan Thornburg [remove -animal to reply]"
<[email protected]>
Dept of Astronomy, Indiana University, Bloomington, Indiana, USA
"C++ is to programming as sex is to reproduction. Better ways might
technically exist but they're not nearly as much fun." -- Nikolai Irgens
