I guess I was more so looking for the flexibility to use a key file only lock mechanism versus passphrase. But after thinking about this more and more over the time I posted the question, for my needs, I will use encryption strictly for the ease of disposing hard drives without the need to wipe them, versus needing to protect the data that is on it from being compromised. I use long, complex, and unique enough passwords to protect against unauthorized access, as well as a robust firewall solution that the server will sit behind that I'm not worried about that avenue.
There are actually very practical attack vectors and thus I am also calling for this feature. Now let me give 2 attack scenarios where a key file may help:
1. Imagine that your NAS is hosted at a physical location where many of your friends could have access to and it is almost never restarted (e.g. in the computer lab). You accidentally used a passphrase which is compromised by some over-the-shoulder attack which you are not aware of / you happen to use a passphrase which could be guessed for some reason. Using a key stored on some thumb drive, which is put at home and brought to school only in the case of restart, will prevent leaking of data. (similar to why banks are using 2FA auth)
2. you happen to have some data storing in the NAS in your room, which your mom does not like. Now, your mom came to your room and shot: "give me the passphrase! let me see your disk". Your refusal to her request will apparently cause trouble. However, if you say "I need a key file to show you the data, but the thumb drive storing that file is left in my lab, and let me fetch it for you by Monday.". It gives you time to think about how to deal with the problem without causing a breaking relationship with your mother.
---------------------------------------------------------------------
Great, I found a work around and it has been working for me so far.
1. take a usb drive and insert to your freenas as the "key drive", format and partition it correctly (w/o encryption)
2. setup a passphrase for your keys
3. copy the entire folder of /data/geli into the key drive
4. remove the /data/geli folder
5. setup automount of the drive at /data/geli
6. remove the key drive
7. whenever rebooting is needed, insert the key drive and enter passphrase, and the key drive can be removed thereafter
For newly setup system, only 5-7 is needed
Without the key drive, it is impossible to unlock the encrypted disks, so back up a few copies of the key drive