https://stackoverflow.com/questions/19796913
italiano
english
français
española
中国
日本の
العربية
Deutsch
한국어
Português
RussianFull disclosure, I work for Gazzang and followup questions can be sent directly to support@gazzang.com
First you should confirm that zNcrypt is installed and running, the best way to verify that is by checking out this Gazzang support FAQ article. https://gazzang.zendesk.com/entries/28400268-How-do-I-confirm-that-zncrypt-is-running-and-protecting-my-data- Once you have confirmed zNcrypt is installed and running you can run a df command and you should see a zNcrypt filesystems mounted like below.
[root@node-001 ~]# df -h
Filesystem Size Used Avail Use% Mounted on
/dev/sda2 97G 2.8G 90G 3% /
/dev/md0 2.7T 202M 2.6T 1% /data
/dev/sda1 99M 21M 73M 23% /boot
tmpfs 7.8G 0 7.8G 0% /dev/shm
/data/zncrypt/storage/encrypted_private 2.7T 202M 2.6T 1% /data/zncrypt/ezncrypted
/data/zncrypt/ezncrypted 2.7T 202M 2.6T 1% /data/zncrypt/ezncrypted
You can confirm zNcrypt is encrypting the data by printing the encrypted data with a cat or strings command.
[root@node-001 ~]# sudo strings /data/zncrypt/storage/encrypted_private/var/lib/cassandra/* | more
Using the strings command should output to your screen non-human readable data.
If you further would like to confirm the data is completely encrypted when you shutdown the cassandra service, you can unmount zncrypt and confirm there is no data in cleartext anywhere in the filesystem.
[root@node-001 ~]# sudo /etc/init.d/zncrypt-mount stop
[root@node-001 ~]# sudo strings /data/zncrypt/*/*/*/*/*/* | more
Again, using the strings command should output to your screen non-human readable data.
You will need to restart zncrypt after you verify the data is encrypted [root@node-001 ~]# sudo /etc/init.d/zncrypt-mount stop
