Skip to main content

A quick-start guide to OpenZFS native encryption

posted onJune 23, 2021
by l33tdawg
Arstechnica
Credit: Arstechnica

One of the many features OpenZFS brings to the table is ZFS native encryption. First introduced in OpenZFS 0.8, native encryption allows a system administrator to transparently encrypt data at-rest within ZFS itself. This obviates the need for separate tools like LUKS, VeraCrypt, or BitLocker.

OpenZFS encryption algorithm defaults to either aes-256-ccm (prior to 0.8.4) or aes-256-gcm (>= 0.8.4) when encryption=on is set. But it may also be specified directly. Currently supported algorithms are:

  •     aes-128-ccm
  •     aes-192-ccm
  •     aes-256-ccm (default in OpenZFS < 0.8.4)
  •     aes-128-gcm
  •     aes-192-gcm
  •     aes-256-gcm (default in OpenZFS >= 0.8.4)

 

Source

Tags

Encryption

You May Also Like

Recent News

Friday, November 8th

Friday, November 1st

Tuesday, July 9th

Wednesday, July 3rd

Friday, June 28th

Thursday, June 27th

Thursday, June 13th

Wednesday, June 12th

Tuesday, June 11th

Friday, June 7th