Thread: Reg: Filesystem level encryption support for postgreSQL
Hi folks,
i am new to postgreSQL and i need to implement Filesystem level encryption and we use EKM for encryption keys
i am seeking you folks help to know 2 things here
- if i implment EKM which is third party encryption is that supported by postgreSQL
- what is the best practice and supported method of implmenting the filesytem level of encyption/protection in postgreSQL
- i searched google but did not find much info
- any pointer or link to read would alos help
Thanks in advance folks
Pradeep
Thanks but i am looking for solution which is more specific to postgreSQL in line with TDE and HSM
From: jwiencek3 <jwiencek3@comcast.net>
Sent: Thursday, September 12, 2019 9:42 PM
To: pradeep pandey <pandeyp@hotmail.com>; pgsql-admin@lists.postgresql.org <pgsql-admin@lists.postgresql.org>
Subject: Re: Reg: Filesystem level encryption support for postgreSQL
Sent: Thursday, September 12, 2019 9:42 PM
To: pradeep pandey <pandeyp@hotmail.com>; pgsql-admin@lists.postgresql.org <pgsql-admin@lists.postgresql.org>
Subject: Re: Reg: Filesystem level encryption support for postgreSQL
I'm working on an environment that is using Hytrust. Other than taking a long time encrypt the disk there have been no issues at all.
FYI encryption of a 1Tb mount takes approx. 12 hours. We had to decrypt at one point and that effort was about the same as an encrypt.
Storage admins owned this not the DBA.
Sent via the Samsung Galaxy S9+, an AT&T 5G Evolution capable smartphone
-------- Original message --------
From: pradeep pandey <pandeyp@hotmail.com>
Date: 9/12/19 3:59 PM (GMT-06:00)
To: pgsql-admin@lists.postgresql.org
Subject: Reg: Filesystem level encryption support for postgreSQL
Hi folks,
i am new to postgreSQL and i need to implement Filesystem level encryption and we use EKM for encryption keys
i am seeking you folks help to know 2 things here
- if i implment EKM which is third party encryption is that supported by postgreSQL
- what is the best practice and supported method of implmenting the filesytem level of encyption/protection in postgreSQL
- i searched google but did not find much info
- any pointer or link to read would alos help
Thanks in advance folks
Pradeep
But you said "i need to implement Filesystem level encryption". That's not specific to PostgreSQL.
On 9/12/19 4:57 PM, pradeep pandey wrote:
P {margin-top:0;margin-bottom:0;} Thanks but i am looking for solution which is more specific to postgreSQL in line with TDE and HSMFrom: jwiencek3 <jwiencek3@comcast.net>
Sent: Thursday, September 12, 2019 9:42 PM
To: pradeep pandey <pandeyp@hotmail.com>; pgsql-admin@lists.postgresql.org <pgsql-admin@lists.postgresql.org>
Subject: Re: Reg: Filesystem level encryption support for postgreSQLI'm working on an environment that is using Hytrust. Other than taking a long time encrypt the disk there have been no issues at all.FYI encryption of a 1Tb mount takes approx. 12 hours. We had to decrypt at one point and that effort was about the same as an encrypt.Storage admins owned this not the DBA.Sent via the Samsung Galaxy S9+, an AT&T 5G Evolution capable smartphone-------- Original message --------From: pradeep pandey <pandeyp@hotmail.com>Date: 9/12/19 3:59 PM (GMT-06:00)Subject: Reg: Filesystem level encryption support for postgreSQLHi folks,i am new to postgreSQL and i need to implement Filesystem level encryption and we use EKM for encryption keysi am seeking you folks help to know 2 things here
- if i implment EKM which is third party encryption is that supported by postgreSQL
- what is the best practice and supported method of implmenting the filesytem level of encyption/protection in postgreSQL
- i searched google but did not find much info
- any pointer or link to read would alos help
Thanks in advance folksPradeep
--
Angular momentum makes the world go 'round.
Angular momentum makes the world go 'round.
Indeed. When I read the question I also thought of something like VeraCrypt (ex TrueCrypt). Any solution specific for postgres would NOT be at "filesystem level".
Regards, Arni
On 13/09/2019 00.22, Ron wrote:
But you said "i need to implement Filesystem level encryption". That's not specific to PostgreSQL.On 9/12/19 4:57 PM, pradeep pandey wrote:P {margin-top:0;margin-bottom:0;} Thanks but i am looking for solution which is more specific to postgreSQL in line with TDE and HSMFrom: jwiencek3 <jwiencek3@comcast.net>
Sent: Thursday, September 12, 2019 9:42 PM
To: pradeep pandey <pandeyp@hotmail.com>; pgsql-admin@lists.postgresql.org <pgsql-admin@lists.postgresql.org>
Subject: Re: Reg: Filesystem level encryption support for postgreSQLI'm working on an environment that is using Hytrust. Other than taking a long time encrypt the disk there have been no issues at all.FYI encryption of a 1Tb mount takes approx. 12 hours. We had to decrypt at one point and that effort was about the same as an encrypt.Storage admins owned this not the DBA.Sent via the Samsung Galaxy S9+, an AT&T 5G Evolution capable smartphone-------- Original message --------From: pradeep pandey <pandeyp@hotmail.com>Date: 9/12/19 3:59 PM (GMT-06:00)Subject: Reg: Filesystem level encryption support for postgreSQLHi folks,i am new to postgreSQL and i need to implement Filesystem level encryption and we use EKM for encryption keysi am seeking you folks help to know 2 things here
- if i implment EKM which is third party encryption is that supported by postgreSQL
- what is the best practice and supported method of implmenting the filesytem level of encyption/protection in postgreSQL
- i searched google but did not find much info
- any pointer or link to read would alos help
Thanks in advance folksPradeep--
Angular momentum makes the world go 'round.