Re: Using PG with Windows EFS or TrueCrypt for encryption

On Wed, Dec 8, 2010 at 01:19, Brady Mathis <bmathis(at)r-hsoftware(dot)com> wrote:
> Hi -
> I have searched the lists for comments about using PG with EFS and/or
> TrueCrypt in order to encrypt the entire database transparently.  I found a
> few posts making reference to this possibility so I have tried them both,
> but I didn't get either to work.
> I have PG-8.3 running on Windows server 2008 (64-bit).
> In the first scenario I just used Windows EFS (encrypting file system) to
> encrypt the database OID folder in the data\ folder.  After I did this, the
> PG service started, but I could not access the database in pgAdmin.
> Then I attempted to mount a normal encrypted volume with TrueCrypt, move the
> data\ and sub-folders to this volume and reconfigure PG to point to this as
> the data folder.  Now, the PG service will not start at all.
> Has anyone implemented something like this for PG in Windows?

Either one of these two should work fine. What you have to worry about
is if they honor the synchronous I/O flags and commands properly - I
don't know if either of them do. And of course, it'll be really slow.

You need to look in your eventlog to get the messages that tell you
why it failed...

--
 Magnus Hagander
 Me: http://www.hagander.net/
 Work: http://www.redpill-linpro.com/