[Haifux] Nested disk encryption

[Eli Billauer]

Hi,


Thanks, but it looks like we're not on the same page. I'm not looking 
for double protection. And I know that in theory, what I want to do is 
OK, and that the ciphers are theoretically strong (hoping we don't have 
a Debian fiasco II buried somewhere).


My concern in about kernel reliability. Whether two layers of encryption 
isn't a quirky scenario, which may reveal a nasty bug in the kernel code.


The best answer I could get would be something like "company X is using 
this for years on their high availability servers without a glitch". I 
would also settle for "I'm doing this all the time".


    Eli


Orr Dunkelman wrote:

> If you use modern ciphers (AES-256, or Serpent are two such ciphers),
> there should be no problem.
>
> The RAID's encryption does not care what you encrypt. The loopback
> device does not care where it is stored. So you get double protection.
>
> Orr.
>
>   


-- 
Web: http://www.billauer.co.il