hum... IMHO... security isn't cheap if you want performace, right? with a disk with important data, I don't do rma buy another and replace, it's cheap, less time lost, and more performace without encryption, ok if you lost data, why you don't do backup and mirror, maybe replication (databases)? replace the bad disk and system works, restore backup and start jobs again ok, but if you want crypt at disk? add a layer at filesystem is the best option check: 1)HERL if you have a crash at crypt, you lost raid and lvm, how to restore a file if you can't start raid and lvm? you will restore the full disk (terabytes) or you prefer restore some files (kb, mb, gb?) 2)HRLE if you have a crash at crypt, you lost some files, but your lvm still running and your raid system too ok when you crash a disk you lost many things, but some things without encryption are easier to read, data without crypt could be "HELLO GUY", data with crypt coudl be "ASDFJWE", now, you remember that you have a filename with "HELLO GUY", try to find it with a crash disk with crypt, and without, without crypt is easier, right? i think the best option is crypt at filesystem, and don't crypt metadata (file name for example), just the data (file contents), that's my opnion -- To unsubscribe from this list: send the line "unsubscribe linux-raid" in the body of a message to majordomo@xxxxxxxxxxxxxxx More majordomo info at http://vger.kernel.org/majordomo-info.html
