Can drives on encrypted zpools ever be "replaced"?

Status
Not open for further replies.

cyberjock

Inactive Account
Joined
Mar 25, 2012
Messages
19,526
Well, since the encryption was only meant to abstract the data on disks for RMA purposes and was not designed to render deep-level hacking to retrieve the key, I think it "works as designed".

I agree that it would be nice if the functions were more hardened and such, but since that wasn't the purpose (and the devs aren't particularly well-versed on solid security practices with regards to encryption via geli) they don't have much experience to provide. If you have code improvements that would make it more secure I'm sure they would be appreciative! Nobody has audited the encryption that is used in FreeNAS afaik, so it's a "take it or leave it" situation.
 

ToBeFrank

Dabbler
Joined
Feb 20, 2015
Messages
41
Understood. I'm already in the process of setting up a VM. Building it looks simple enough, but there don't seem to be any instructions on running your dev code so we'll see how far I get with that.
 

cyberjock

Inactive Account
Joined
Mar 25, 2012
Messages
19,526
I just saw your ticket for encryption changes. Both myself and the FreeNAS manual writer are not geli wizards, so if you have changes you want to make to the manual that are safe, please send them to me in a PM and I will test them and make sure they get added to the manual.

Thanks for the help with cleaning up the geli code. It's something that I feel has needed to be done for quite a while, but I'm neither experienced enough nor have enough time to learn enough to do it myself. Not to mention I wouldn't trust what I'm doing with so little experience to be correct, and since the downside is you may get locked out of your pool forever, I'm probably not the one that should try either.
 