Hi everyone,
how is the correct procedure to unlock an encrypted pool after a clean install of FreeNAS on a new boot device?
I had the problem that I was only able to unlock my pool with the help of a geli_recovery.key. I had to use this file/key every time I wanted to unlock the pool. What I done:
6. used geli_recovery.key to unlock the pool
7. rebooted machine, tried to unlock the pool with my passphrase, got same error message as above
8. booted the old FreeNAS installation (from the old USB-Stick), copied /data/geli/6d3cf55b-4b24-436a-9b28-9cf83dbdf78b.key via ssh to my client
9. booted 'new' FreeNAS installation (from the new USB-Stick), copied 6d3cf55b-4b24-436a-9b28-9cf83dbdf78b.key from my client to /data/geli
10. unlocked my pool successfully with my passphrase
So far, so good...
But what would be the normal procedure, if I lost my old installation/USB-Stick?? How do I create /data/geli/**.key with the help of geli_recovery.key or a backup of geli.key?
Thanks
Christian
how is the correct procedure to unlock an encrypted pool after a clean install of FreeNAS on a new boot device?
I had the problem that I was only able to unlock my pool with the help of a geli_recovery.key. I had to use this file/key every time I wanted to unlock the pool. What I done:
- clean install
- imported backup of FreeNAS settings of the previous FreeNAS installation (old USB-Stick)
- went to storage page of FreeNAS
- saw my "old" pool without need to import it
- tried to unlock with my passphrase, got following error message:
Code:
uwsgi: [middleware.exceptions:36] [MiddlewareError: Unable to geli attach gptid/cd672e83-e99f-11e3-a12d-20cf30933ebd: geli: Cannot open keyfile /data/geli/6d3cf55b-4b24-436a-9b28-9cf83dbdf78b.key: No such file or directory.
6. used geli_recovery.key to unlock the pool
7. rebooted machine, tried to unlock the pool with my passphrase, got same error message as above
8. booted the old FreeNAS installation (from the old USB-Stick), copied /data/geli/6d3cf55b-4b24-436a-9b28-9cf83dbdf78b.key via ssh to my client
9. booted 'new' FreeNAS installation (from the new USB-Stick), copied 6d3cf55b-4b24-436a-9b28-9cf83dbdf78b.key from my client to /data/geli
10. unlocked my pool successfully with my passphrase
So far, so good...
But what would be the normal procedure, if I lost my old installation/USB-Stick?? How do I create /data/geli/**.key with the help of geli_recovery.key or a backup of geli.key?
Thanks
Christian