On 08/22/2017 01:08 PM, John McKown wrote:
> On Tue, Aug 22, 2017 at 2:48 PM, rakeshkumar464
> <rakeshkumar464@outlook.com> wrote:
>> We have a requirement to encrypt the entire database.
>
> Personally, what I'd do (and actually do at work) is to us LUKS.
I second that, although I'll add that if you're on AWS you can also use
encrypted EBS volumes. You get a very similar effect, except all you
need to do is tick a checkbox (or set a CloudFormation attribute, etc.).
Also you can get unattended reboots without storing the key somewhere
vulnerable. There may be perf advantages too; I'm not sure.
Good luck!
Paul
