SOLVED Can't Create New Passphrase for Encrypted Pool

Status
Not open for further replies.

Patrick Ryan

Dabbler
Joined
Dec 18, 2014
Messages
25
We recently had our second of two 2014-era FreeNAS Minis experience a motherboard failure. Luckily I had a spare on hand (I bought a new one when my first original one failed, and had the original failed one repaired by iXsystems) so we moved that one into service while our failed unit is being shipped back to iXsystems for repair (and will then become our on-hand spare). We transferred over the four-drive ZFS encrypted array, and restored the system configuration from backups. The unit powers up properly, and everything appears functional running FreeNAS-9.10.2-U5 - but the encrypted array won't unlock with the passphrase any more. I can unlock it using the recovery key, but not the passphrase. What's more, if I try to change the passphrase, I get the following error:

Code:
Error: Unable to set passphrase on gptid/d393944b-7f3a-11e4-a6e3-d0509938471c: geli: Cannot open keyfile /data/geli/fbecce76-3f44-465a-8d29-34fa3fea5bad.key: No such file or directory.


Am I missing something obvious? And if not, what's the least drastic solution here? I'm a little scared of committing to re-keying the encrypted array, and potentially losing the ability to unlock it with the recovery key.
 

Patrick Ryan

Dabbler
Joined
Dec 18, 2014
Messages
25
Hah! I'm gonna answer my own question: by copying the original key to /data/geli/ (and naming it as per the error) the original passphrase functionality is returned. Easy! No need to re-key or change the passphrase.
 
Status
Not open for further replies.
Top