| From: | Ron Johnson <ron(dot)l(dot)johnson(at)cox(dot)net> |
|---|---|
| To: | pgsql-general(at)postgresql(dot)org |
| Subject: | Re: PG and database encryption |
| Date: | 2017-08-22 20:11:52 |
| Message-ID: | 01a0a569-176b-2904-5e46-92b56e8f238b@cox.net |
| Views: | Raw Message | Whole Thread | Download mbox | Resend email |
| Thread: | |
| Lists: | pgsql-general |
On 08/22/2017 02:55 PM, Joshua D. Drake wrote:
> On 08/22/2017 12:48 PM, rakeshkumar464 wrote:
>> We have a requirement to encrypt the entire database. What is the best tool
>> to accomplish this. Our primary goal is that it should be transparent to the
>> application, with no change in the application, as compared to un-encrypted
>> database. Reading about pgcrypto module, it seems it is good for few columns
>> only and using it to encrypt entire database is not a good use-case.
>>
>> Is this which can be done best by file level encryption? What are the good
>> tools on Linux (RHES), preferably open-source.
>
> If you are encrypting the entire database, use the filesystem.
>
> https://access.redhat.com/documentation/en-US/Red_Hat_Enterprise_Linux/6/html/Security_Guide/chap-Security_Guide-Encryption.html
>
But that's protection against stolen laptops.
--
World Peace Through Nuclear Pacification
| From | Date | Subject | |
|---|---|---|---|
| Next Message | Paul Jungwirth | 2017-08-22 20:16:53 | Re: PG and database encryption |
| Previous Message | John McKown | 2017-08-22 20:08:29 | Re: PG and database encryption |