I am trying to understand the best practice / easiest path for home NAS with offsite replication. Here's my setup -
Machine1
Pool1
Dataset1
Dataset11
Dataset12
Machine2
Pool2
Dataset2
BackupOfDataset1
Dataset11
Dataset12
Machine1 and Machine2 are each within a personal household, each with one pool, each with their own personal data, but also an encrypted replication of the pool on the other machine.
What I would like to do is have Machine1 on my home network, datasets encrypted, but automatically unlocked on reboots. Dataset1 should replicate to Machine2, but Machine2 root should not be able to understand its contents.
This is working for me using key encryption and basic replication, but once I unlock BackupOfDataset1 a single time on Machine2, the key is cached in the pool and it is unlocked through reboots. At this point I can Export the pool, then reattach it, and it will forget the key - but that seems heavy handed and error prone - I'll need to re-enter all the other keys, make sure shares don't break, etc.
What I would like is for Dataset1 to auto-unlock (via key or passphrase), and for BackupOfDataset1 to be able to be locked/unlocked (via key or passphrase). Is there a way to configure this way?
Thanks,
dave
Machine1
Pool1
Dataset1
Dataset11
Dataset12
Machine2
Pool2
Dataset2
BackupOfDataset1
Dataset11
Dataset12
Machine1 and Machine2 are each within a personal household, each with one pool, each with their own personal data, but also an encrypted replication of the pool on the other machine.
What I would like to do is have Machine1 on my home network, datasets encrypted, but automatically unlocked on reboots. Dataset1 should replicate to Machine2, but Machine2 root should not be able to understand its contents.
This is working for me using key encryption and basic replication, but once I unlock BackupOfDataset1 a single time on Machine2, the key is cached in the pool and it is unlocked through reboots. At this point I can Export the pool, then reattach it, and it will forget the key - but that seems heavy handed and error prone - I'll need to re-enter all the other keys, make sure shares don't break, etc.
What I would like is for Dataset1 to auto-unlock (via key or passphrase), and for BackupOfDataset1 to be able to be locked/unlocked (via key or passphrase). Is there a way to configure this way?
Thanks,
dave