Softraid 5 8 16

broken image


Contributed byjcron from the shake-your-key-disk dept.

On i386 and amd64boot(8) support has been added for keydisk-based softraid crypto volumes. Undeadly editor Sean Cody (seantinfoilhatca) did some testing and wrote in to tell us how to use this feature.

Tap size: NF/NC UNF/UNC: Threads per inch: Basic major dia (inches) Basic effective dia (inches) Basic minor dia of ext. Threads (inches) Basic minor dia of int. Threads (inches). From looking at the softraid(8) source for a bit, (specifically softraid.h,softraidcrypto.c), it appears the minimum space is roughly 1KB since you need at least 32 keys times 32 bytes per key (256bits for AES-XTS-256). This is a bit opaque to those like myself unfamiliar with the softraid code base. Buy SYBA SD-PCXSA2-2E2R PCI-X 2X eSATA 2X INTERNAL SATA II Card softRAID with SILICON IMAGE SIL3124 CHIPSET: RAID Controllers. 3.0 out of 5 stars 16. Upgrade To The Full Version Of SoftRAID 5 From $89. Use the best SoftRAID promo code to save you a lot of money when purchase what you like. Dec 16, 2020 Click to.

Sean wrote in with the following:

Using keydisk based crypto volumes is very easy to setup and fun. Adding boot support makes using keydisks less of a pain to setup since your entire root volume can now be encrypted and deciphered by the key on an external volume/disk (like a USB or SD card). Prior to this patch the way to get this to work was to setup a root volume containing only the kernel that was bootable and then do the rest of the install on the encrypted volume.

There have been a few articles on how to do this in the past such as a blog post by one Ryan Kavanagh and another blog post by Bryan Vyhmeister. One thing slightly amiss with both articles is how they give some slightly awkward advice on how to handle swap slices. OpenBSD has encrypted the swap partition by default since 2005, but not putting the swap slice in the crypto volume is well, inadvisable. The result of putting swap on the crypto volume is a performance penalty caused by encrypting twice. While I understand and respect the idea of keeping swap outside of the crypto volume, doing this can be problematic for how the kernel finds and saves crash core dumps on warm reboots with savecore(8).

By default, the kernel expects crash core dumps to be written to swap on the 'b' slice of the boot volume, and if found, savecore(8) is called from rc(8) to write the core dump to a file in /var/crash on reboot. This isn't a savecore(8) specific option, but instead, it's a kernel option, so changing the dump device requires modifying the kernel options and rebuilding. Since running GENERIC is always advised, running a custom kernel for a single feature seems a bit excessive. If you are using the GENERIC kernel and mistakenly use the 'b' slice of the boot volume for something else like /usr or /home, you might be ok since it is not defined as a swap partition in /etc/fstab, but you have lost the ability of the kernel to record crash state and therefore lost the ability to debug a kernel panics. My recommendation is to keep a swap volume on the host disk AND one on the crypto volume, then in /etc/rc.local remove the crypto volume's swap slice from the active swap set. This gives you the best of both worlds at the cost of a bit of disk space.

Since /etc/rc runs before /etc/rc.local, the 'b' slice of the boot volume exits as a swap device when it's needed during warm reboots for saving crash dumps to /var/crash with savecore(8). Since you're disabling the 'b' slice on the crypto volume with swapctl(8) afterwards, you no longer suffer the double encryption performance penalty. None the less, the 'b' slice still exists if you need to write an initial crash dump with:

Though you can use the 'dumps on' directive in the configuration file used with config(8) to change the device where crash(8) dumps are saved, the result would be you're running an unsupported, custom kernel. The default (below) uses the 'b' slice as the target device for the 'dumps on' directive:

Another thing to consider is how you are going to manage your keydisk. Having only one copy of the key is, well, ill advised. If the USB stick fails, your machine is no longer bootable and your data (reasonably) unrecoverable. USB sticks are only slightly more reliable than floppies, and the reliability of floppies is horrible.

A safe way to manage keydisks is to create and test multiple keydisks and also keep a disk image of the key volume in a safe place. This is pretty easy to do if you plan out how you are going to manage your keydisk. For instance I would prefer to have one keydisk drive for all my systems, so I don't have to fumble with a stack of flash drives. Leap 3 8 3 – comprehensive file management application tool. I'll create a custom label and use /dev/sd0a for system A, and /dev/sd0d for system B etc. I'll also have another MSDOS partition on the USB stick to store copies of the slices and make it easy to transfer to a trusted backup host. Disk space doesn't matter much for the keydisk slices. You can make them 1MB with no issues, and go as small as 64 sectors (i.e. 16KB). Smaller may be possible but I have not tried personally. From looking at the softraid(8) source for a bit, (specifically softraid.h,softraid_crypto.c), it appears the minimum space is roughly 1KB since you need at least 32 keys times 32 bytes per key (256bits for AES-XTS-256). This is a bit opaque to those like myself unfamiliar with the softraid code base. The point is to not be too skimpy. I would suggest sticking with 1MB as it isn't really that big relative to the available flash media today and it's easier to handle. For example, a keydisk I'm using to play with this feature is a 16GB stick which is laid out like:

Softraid 5 8 165

A clean and safe way to backup and restore the keydisk softraid metadata is to use dd(1) and seek in 8192 bytes so as to avoid the disklabel on the drive.

Backup:

Restore:

To visually check or inspect the keydisk the handy hexdump(1) can be used.

Note: All softraid volumes start at 0x2000 (8192) bytes from the beginning of the volume and start with the string 'marcCRAM'. Also note the device ID at 0x20b0, while the softraid driver should manage the devices moving around (ie. detected out of order). Just keep it in mind in case you are having issues (ie. keep the slice arrangement consistent on your keydisks.. may not be necessary but I had some issues when playing with it myself.

The final proviso is that your keydisk needs to be discoverable from the BIOS/EFI. If the machine you want to play with can boot from USB then you should be ok.

If you wonder why using a keydisk would be useful, then consider how the keydisk is required to boot the system and can be removed immediately after the encrypted volume is mounted. From a physical security perspective, this is a pretty handy feature assuming you have a UPS and don't mind traveling to the machine location to boot the system. Another neat use is for laptops, as this can give you full disk encryption without having to resort to TrueCrypt or similar. You only need to have the keydisk (USB, SD card etc.) plugged in to boot, so if you are disciplined about ejecting the keydisk, then the laptop data is somewhat more secured if stolen.

Like most use of RAID, a keydisk setup is only as reliable as your ability to recover from it, so make sure to backup what you care about, and of course, practice and validate your procedures and tools.

SoftRAID 5.8.1


SoftRAID allows you to create and manage disk arrays to increase performance and reliability. SoftRAID's intuitive interface and powerful feature set make this utility a must-have for any Mac OS X Server admin, 'Pro' user, photographer, digital-video editor, or desktop user who wants more reliable backup for his computer.
SoftRAID popular package creation and management of RAID-arrays
Softraid

With it, users can create on their Macs, whether it is a desktop computer or a server company, RAID-arrays of zero (data distribution) and the first (mirroring) level, to serve them, to make setup and configuration, to monitor the state of drive.
Softraid

With it, users can create on their Macs, whether it is a desktop computer or a server company, RAID-arrays of zero (data distribution) and the first (mirroring) level, to serve them, to make setup and configuration, to monitor the state of drive.
'Creating and managing partitions with SoftRAID easier than ever pervasive nature,' according to a press release from the developer, who also said that the version can handle sections of up to 4 petabytes of data, and has a new improved algorithm to rebuild RAID partitions of the first level.

Softraid 5 8 168


SoftRAID version 5 is fully compatible with High Sierra version 5 has been thoroughly tested for compatibility with High Sierra. You can even use the program on a volume setting High Sierra SoftRAID.

Softraid 5

What's New:

Version 5.8:
  • Includes important bug fixes and changes that improve SoftRAID compatibility with macOS 10.15 Catalina

Screenshots:

  • Title: SoftRAID 5.8.1
  • Developer: SoftRAID, Inc.
  • Compatibility: OS X 10.6.8 or later, 64-bit processor
  • Language: English
  • Includes: K'ed by The Shark
  • Size: 36.08 MB
  • visit official website

NitroFlare:






broken image
PreviousNext
Cookie Use
We use cookies to improve browsing experience, security, and data collection. By accepting, you agree to the use of cookies for advertising and analytics. You can change your cookie settings at any time. Learn More
Accept all
Settings
Decline All
Cookie Settings
Necessary Cookies
These cookies enable core functionality such as security, network management, and accessibility. These cookies can’t be switched off.
Analytics Cookies
These cookies help us better understand how visitors interact with our website and help us discover errors.
Preferences Cookies
These cookies allow the website to remember choices you've made to provide enhanced functionality and personalization.
Save