Results 1 to 6 of 6

Thread: lto4 hardware encryption

  1. #1
    Join Date
    Nov 2009
    Location
    Canada
    Posts
    2

    Lightbulb lto4 hardware encryption

    (note to admin/mod: suggest move this to suggestions forum. thx.)

    hi,

    has any work been done on implementing LTO4 hardware encryption?

    I understand that bacula has some pre/post scripting support; haven't seen this in amanda.

    Not initially after a complex (read $$$) KMS option, just something to deliver/grok the requisite AES-GCM keystring in-band via SPIN/SPOUT before the tape dump/restore actions.

    Perhaps the attached .c bits could be a useful starting ground for any interested committers.

    Thoughts appreciated.

    cheers,

    R.
    Attached Files Attached Files
    Last edited by robvanhooren; November 25th, 2009 at 04:08 AM.

  2. #2
    Join Date
    Mar 2007
    Location
    Chicago, IL
    Posts
    688

    Default

    Thanks! While I was at LISA in Baltimore, Andrew Schretter gave me code to do exactly the same thing.

    I'd love to see this merged into the Amanda tape device as a property. The code Andrew sent was specific to the Linux sg driver. I can't tell what system your code is designed for.

    Anyway, why don't you take a look at device-src/tape-*.c and see what you can do?
    Storage Software Engineer
    Zmanda, Inc.

  3. #3
    Join Date
    Nov 2009
    Location
    Canada
    Posts
    2

    Smile

    this was hacked out on an OpenVMS system... not too widespread I admit.
    atm, I'm toying with porting it to a BSD box... I'll see what I can come up with and post again here if I feel up to it.

    if you're more comfortable with Andy's code snippets, proceed they're probably cleaner ;-)

    feel free to compare his code with the logic I had in the attachment. (will he let you post it here? or PM it to me for a look-see...)

    once this feature is in, it's one more feather in the community's "no need to keep shelling out the annual EMC/Symantec ransom" cap.

    (well, except for those shops who are mandated to use an automated KMS instead of having file-based key storage.)

    cheers,

    R.

  4. #4
    Join Date
    Mar 2007
    Location
    Chicago, IL
    Posts
    688

    Default

    Here's his version.

    I don't have an LTO4 system to test with, so I won't be working on this particular project, but if you or someone else wants to merge this into the tape-device, I'll be happy to offer advice and pointers.
    Attached Files Attached Files
    Storage Software Engineer
    Zmanda, Inc.

  5. #5
    Join Date
    Nov 2011
    Location
    Twin Cities, MN
    Posts
    7

    Default

    I know it's been a couple of years now, but I'm not finding anything more about this effort.

    I don't see anything about it in the Release Notes.

    Any updates???

    Thanks!

  6. #6

    Default Linux SRC???

    Quote Originally Posted by dustin View Post
    Thanks! While I was at LISA in Baltimore, Andrew Schretter gave me code to do exactly the same thing.

    I'd love to see this merged into the Amanda tape device as a property. The code Andrew sent was specific to the Linux sg driver. I can't tell what system your code is designed for.

    Anyway, why don't you take a look at device-src/tape-*.c and see what you can do?

    I've seen the VMS source a number of times. I'd dearly love to get my hands on a Linux port. I see the linux source now... I'll play with it and post my experiences.

    Regards,

    Jim
    Last edited by jrichard; December 29th, 2011 at 05:14 PM.

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •