Home > mailing lists

Re: [HACKERS] WIP: Data at rest encryption - Mailing list pgsql-hackers

From	Peter Eisentraut
Subject	Re: [HACKERS] WIP: Data at rest encryption
Date	June 13, 2017 22:45:05
Msg-id	3550f152-9349-ee2b-edae-a8ec09d8d9fc@2ndquadrant.com Whole thread Raw
In response to	Re: [HACKERS] WIP: Data at rest encryption (Stephen Frost <sfrost@snowman.net>)
Responses	Re: [HACKERS] WIP: Data at rest encryption
List	pgsql-hackers

Tree view

On 6/13/17 15:20, Stephen Frost wrote:
> For example, you could simply do: 
> 
> cp -a /path/to/PG /mnt/usb
> 
> and you're done.  If you're using filesystem level encryption then you'd
> have to re-encrypt the data, using something like:
> 
> tar -cf - /path/to/PG | openssl -key private.key > /mnt/usb/encrypted_cluster.tar
> 
> And then you would need openssl on the other system to decrypt it.

Or make the USB file system encrypted as well?  If you're in that kind
of environment, that would surely be feasible, if not required.

-- 
Peter Eisentraut              http://www.2ndQuadrant.com/
PostgreSQL Development, 24x7 Support, Remote DBA, Training & Services

pgsql-hackers by date:

From: Peter Eisentraut
Date: 13 June 2017, 22:43:14
Subject: Re: [HACKERS] WIP: Data at rest encryption

From: Peter Eisentraut
Date: 13 June 2017, 22:49:46
Subject: Re: [HACKERS] Get stuck when dropping a subscription duringsynchronizing table

Re: [HACKERS] WIP: Data at rest encryption - Mailing list pgsql-hackers

Previous

Next