Protecting the pwenc_secret File

T

travis5462

Cadet
Joined
Sep 9, 2018
Messages
1
So I'm working on trying to encrypt/protect the /data/pwenc_encrypt file as this is used to encrypted all the AD/cloud credentials and rclone encryption password/salt. While I have password protected the pools, they are backed up to the cloud with rclone and encryption using the cloud tasks. So, if the system is powered off, all the data would still be accessible as you can decrypt the secrets from the local database file and access the encrypted cloud storage.

So my question is, is there anyway to encrypt/protect the pwenc_secret file so when the host boots, it asks for a password or uses a KMS to decrypt?

I know that physical security would be the better option all around but I'm just looking for any options that might be available.
 
You must log in or register to reply here.

Important Announcement for the TrueNAS Community.

The TrueNAS Community has now been moved. This forum will now become READ-ONLY for historical purposes. Please feel free to join us on the new TrueNAS Community Forums.

Related topics on forums.truenas.com for thread: "Protecting the pwenc_secret File"

Similar threads

P
[Cloud Sync Encryption] Directory name encrypted with different password
Replies
1
Views
1K
Pheggas
P
J
Cloud Sync File Path Length Too Long
Replies
1
Views
1K
chr1ss
C
B
Cloud backup to an already created google crypt drive
Replies
1
Views
659
bar1
B
O
TrueNAS backups
Replies
7
Views
1K
Ofloo
O
H
Secure Storage of Cloud Sync Encryption Password and Credentials
Replies
0
Views
1K
Hinterwaeldler
H
Top