ZFS/HFS commands
sudo diskutil partitiondisk /dev/disk(n) GPTFormat "Free Space" "Free Space" 100%
sudo zpool create -f -o ashift=12 -O checksum=skein -O casesensitivity=insensitive -O atime=off -O normalization=formD <poolname> mirror disk(n) disk(n+1)
sudo zfs set reservation=1m <poolname>
sudo zfs create <poolname>/<dataset>
sudo zfs set com.apple.mimic_hfs=on <dataset>
sudo chown -Rf <username>:staff /Volumes/<pool>
sudo chmod o-rwx /Volumes/<poolname>
sudo pool history
Skein is a high-performance secure hash algorithm that was
a finalist in the NIST SHA-3 competition. It provides a very high
security margin and high performance on 64-bit hardware (80% faster
than SHA-256). This implementation also utilizes the new salted
checksumming functionality in ZFS, which means that the checksum is
pre-seeded with a secret 256-bit random key (stored on the pool)
before being fed the data block to be checksummed. Thus the produced
checksums are unique to a given pool, preventing hash collision
attacks on systems with dedup.
A ZFS reservation is an allocation of disk space from the pool that is guaranteed to be available to a dataset.
tangles wrote:Hi nodarkthings,
skein is just another checksum that apparently is faster.
from https://illumos.org/man/5/zpool-featuresSkein is a high-performance secure hash algorithm that was
a finalist in the NIST SHA-3 competition. It provides a very high
security margin and high performance on 64-bit hardware (80% faster
than SHA-256). This implementation also utilizes the new salted
checksumming functionality in ZFS, which means that the checksum is
pre-seeded with a secret 256-bit random key (stored on the pool)
before being fed the data block to be checksummed. Thus the produced
checksums are unique to a given pool, preventing hash collision
attacks on systems with dedup.
abc123 wrote:This states that skein is faster than SHA-256 but ZFS defaults to fletcher4 according to the man page. But the docs don't say if SHA-256 is faster or slower than fletcher 4. Do you know if this is documented anywhere?
haer22 wrote:SHA-256 is way slower than fletcher4. When I started using ZFS I played around with stuff and also SHA-256. Turned it on and then quickly realised that it was abad idea. Performance went down.
Nowadays I use edonr as my checksum. Faster than skein, edonr is the fastest checksum for ZFS. It is not as secure against attacks as skein et al, but my concern is bit-rot, not theoretical attacks.
Users browsing this forum: No registered users and 3 guests