By paulie on Jan 03, 2011
USB memory sticks are easily lost, so to keep your data safe, it's best to use the new encryption feature of ZFS available since snv_149 (ZFS version 30). Here's how to take advantage of it.
[paulie@adrenaline ~]$ uname -a SunOS adrenaline 5.11 snv_155 i86pc i386 i86pc SolarisGet the device id for the USB stick using rmformat.
[paulie@adrenaline ~]$ rmformat Looking for devices... 1. Logical Node: /dev/rdsk/c11t0d0p0 Physical Node: /pci@0,0/pci108e,534a@2/hub@4/storage@1/disk@0,0 Connected Device: SanDisk U3 Cruzer Micro 8.02 Device Type: Removable Bus: USB Size: 1.9 GB Label:The device id is c11t0d0p0. Using this id, we can make a pool on the device called 'secret'. You can call yours whatever you want.
Access permissions: Medium is not write protected.
[paulie@adrenaline ~]# zpool create -O encryption=on secret c11t0d0p0 Enter passphrase for 'secret': Enter again:Let's create a random 128MB file in the new pool called file.enc.
[paulie@adrenaline ~]# cd /secret; mkfile 128m file.encNow, let's make sure it works by exporting and importing the secret pool and hope it asks for a password.
[paulie@adrenaline ~]# zpool export secret [paulie@adrenaline ~]# zpool import secret Enter passphrase for 'secret':It works as expected. Let's check for the created file.
[paulie@adrenaline ~]# ls /secret file.encWe can also check the encryption of any zfs filesystem by using the following command:
[paulie@adrenaline ~]# zfs get encryption secret NAME PROPERTY VALUE SOURCE secret encryption on localFor more information visit: