Cautionary Tale

[Glenn Buckholz]

Hey all. I've been a FreeNAS user for over a year now and I wanted to re-enforce a lesson learned. Back up your encryption keys and test them monthly.

This is my sob story, and no FreeNAS functions nearly flawlessly, this was all my fault.
I created a highly redundant raid2z volume. Since I have work information on here I encrypted it. Since the storage space was so large I put personal stuff there too. Then I dutifully placed the recovery keys on a USB stick and on a safe locally accessable place and went on my merry way for a year, until yesterday. A series of unfortunate events caused me to loose 4TB of data, work and personal.

1. My passpharse got deleted from my password vault.
2. I accidentlly deleted my local recovery keys freeing up space.
3. My failsafe USB drive got.... repurposed.

Now, unless I can guess my passphrase its all gone. I did learn some things here though and I thought I'd share.

1. If you have a need for encryption make sure you encrypt only what is necessary.
-If you loose you keys you are only out a minimal set of information, albit important information

2. Test using your backup recovery keys once a month and master key with passphrase.
-set a google calendar reminder. One test would have saved me heartache and it takes maybe 10 minutes.

3. I downloaded the master key not the recovery key because I was careless.
-Minutes before my ill fated reboot I verified that I re-downloaded what I though were the keys but it was the master key that needed the passphrase I didn't have, not the recovery key... make sure you see _recovery in the downloaded file name. This gave me a false sense of security and was the most frustrating part of this escapade.

4. For must have stuff use offsite backups. My photos, the most irreplaceable things I have were backed up in S3 using the s3 plugin.
-Although I lost alot, I at least have the most important things restoreing right now. The money I spent on 200GB of s3 storeage is well worth it.

Learn from my mistakes everyone. Happy storage all.

 

[anodos]

Hey all. I've been a FreeNAS user for over a year now and I wanted to re-enforce a lesson learned. Back up your encryption keys and test them monthly.

This is my sob story, and no FreeNAS functions nearly flawlessly, this was all my fault.
I created a highly redundant raid2z volume. Since I have work information on here I encrypted it. Since the storage space was so large I put personal stuff there too. Then I dutifully placed the recovery keys on a USB stick and on a safe locally accessable place and went on my merry way for a year, until yesterday. A series of unfortunate events caused me to loose 4TB of data, work and personal.

1. My passpharse got deleted from my password vault.
2. I accidentlly deleted my local recovery keys freeing up space.
3. My failsafe USB drive got.... repurposed.

Now, unless I can guess my passphrase its all gone. I did learn some things here though and I thought I'd share.

1. If you have a need for encryption make sure you encrypt only what is necessary.
-If you loose you keys you are only out a minimal set of information, albit important information

2. Test using your backup recovery keys once a month and master key with passphrase.
-set a google calendar reminder. One test would have saved me heartache and it takes maybe 10 minutes.

3. I downloaded the master key not the recovery key because I was careless.
-Minutes before my ill fated reboot I verified that I re-downloaded what I though were the keys but it was the master key that needed the passphrase I didn't have, not the recovery key... make sure you see _recovery in the downloaded file name. This gave me a false sense of security and was the most frustrating part of this escapade.

4. For must have stuff use offsite backups. My photos, the most irreplaceable things I have were backed up in S3 using the s3 plugin.
-Although I lost alot, I at least have the most important things restoreing right now. The money I spent on 200GB of s3 storeage is well worth it.

Learn from my mistakes everyone. Happy storage all.

Thanks for sharing this. It's a pity that you lost data. Hopefully someone will read this and give extra thought to whether he really needs to encrypt his pool

 

[DrKK]

I strongly recommend against encrypting pools.

Most people only have a few files that need encryption. If that's the case, a TrueCrypt folder is sufficient.

Plus, who are you trying to prevent seeing your stuff? A possible perpetrator would have to:

1. care about you
2. care about your data
3. have heard of ZFS
4. having heard of ZFS be able to recover data from a pool
5. having done so, you would have to have data they would have given a shit about anyway

So, since the odds of these things are like, 5%, 5%, 5%, 1%, and 5%, respectively, for a grand total of 0.00000625%, I think you have a greater chance of your genitals sprouting wings and flying south for winter.

So unless you work for a company that has "data encryption" as some kind of policy point, I think it's dumb. The risk is real (your post outlines it), and the benefit, dubious. There's only going to be two kinds of attacker out there: 1) Joe blow the jackass, and he can't get at your unencrypted ZFS filesystem anyways, and 2) professionals and state-level actors, and encrypting won't help you there more than likely.

So I think encryption's a bad deal for a ZFS pool. I steer users away from it any chance I get. All risk, no reward.