Global SED password in Scale

[Xan]

In Core it's possible to enter global SED password. Not possible in Scale - no such setting. Only overriding global SED by setting indywidual SED passwords for each disk separately. Am I doing something wrong? Maybe it's only from cli? No help in documentation.

Where to input global SED password?
Can I use it the same way like software encryption pool with passphrase? I want to decrypt pools manually after system start. I don't want to use keyfiles.
Do I have to initialise disks to have encryption running or just create new pool?

 

[sretalla]

Where to input global SED password?

Well, the API docs say that system.advanced.config has sed_user as one of the outputs, so you can probably set it with system.advanced.update

Can I use it the same way like software encryption pool with passphrase?

No not really.

I want to decrypt pools manually after system start. I don't want to use keyfiles.

Then that's what you should do... encrypt your pools with ZFS native encryption and use passphrase type.

Do I have to initialise disks to have encryption running or just create new pool?

Just a new pool (can only be set at creation time on the pool and then for each dataset inside).

 

[appliance]

Well, the API docs say that system.advanced.config has sed_user as one of the outputs, so you can probably set it with system.advanced.update

thanks, this has allowed me to reset the password that is not accessible in SCALE UI
curl -X PUT "https://truenas/api/v2.0/system/advanced" -H "accept: */*" -H "Authorization: Basic token" -H "Content-Type: application/json" -d "{\"sed_passwd\":\"password\"}"
there's even a playground in "Docs". Note: It's not accessible if any of Web ports are changed from defaults (80, 443).