Hi
I currently have TrueNAS Core installed on a mirror of 2 SSDs called freenas-boot (default name when I installed FreeNAS). I have 2 pools (let's call them PoolA and PoolB) which have been created with encryption turned on with 'Key' encryption.
My System-Dataset is currently stored on PoolB.
I want to secure my server further by making sure that even if someone were to steal my whole physical server they couldn't access the data. To do that I thought of switching the 'Key' based encryption (which auto decrypts the pools on boot) and enabling 'Passphrase', so that I have to manually unlock the pools by hand upon reboot with the passphrase set.
I currently cannot set passphrase encryption on 'PoolB' as it's the location that has the 'System Dataset' on it, but I can do so on 'PoolA'. So I was thinking of moving the 'System Dataset' onto the 'freenas-boot' pool. (technically not really a pool, right?)
But I don't fully understand a few things about the encryption and wasn't able to find out by reading the manual.
1. Is it true that someone could access the data on both pools if I'm using 'Key' based encryption and they were to steal the whole server?
2. Is it true that currently the only way to decrypt 'PoolA' is with the backup of the keyfiles if 'PoolB' (which stores the 'System Dataset') were to catastrophically fail?
3. Is it true that point 2. would also be true if it was on the 'freenas-boot' pool and that were to catastrophically fail?
4. Is it true that the 'System Dataset' containing the keys is not encrypted, as they could read them in plain text?
5. Is it true that someone would be able to access the data of 'PoolB' if they were able to get their hands on all the drives of that pool, since the 'System Dataset' lives on that pool and contains the keys? (assuming the key files are stored in plain as the 'System Dataset' is not encrypted as per question 4.)
6. Is it true that it would generally be a better idea to always store the 'System Dataset' on the 'freenas-boot' pool? Assuming question 4. & 5. are true?
7. Is it true that a passphrase is generally the more secure way to encrypt the pool, even if that means giving up some quality of life due to having to decrypt the pool upon reboot?
8. Is it true that the WebGUI admin password can be reset if someone has access to the whole server and accesses the console at server level? I'm not sure if you have to log in first.
Thanks for the help in advance!