PhreakShow
Dabbler
- Joined
- Sep 16, 2020
- Messages
- 17
Hey guys.
Sorry if thats the 100th thread about encryption, but I am pretty puzzled right now. I did a search but weirdly it yielded mostly pretty old threads (>1 year).
My plan was: Supermicro A2SDI-H-TF, four 8TB WD red, 32GB RAM and a sata dom. Create one pool, raidz1, have it encrypted. Set a password.
System does a cold boot, someone has to log in and type the password via webinterface. Pool unlocks and the share is accessible.
Tha's actually how I've been doing it for a while, not sure on the version, I suppose it's 11.
My concern is theft. There's lots of work stuff on that NAS, about 6TB and growing.
But it seems I cannot do it like that anymore. I can encrypt it, but the key is stored on the NAS and of course that renders it useless against theft. It helps in discarding the disks, though.
Adding a password is also not possible if I understood the manual correctly. For that I'd have to move the system dataset to a different pool, which is not possible becuase I only have one pool. Also it is not a smart thing to do to put it on a flash drive, at least it says so in the manual.
So what to do? Did I miss something? Do I have to go back to an older version and never run an update again?
Sorry if thats the 100th thread about encryption, but I am pretty puzzled right now. I did a search but weirdly it yielded mostly pretty old threads (>1 year).
My plan was: Supermicro A2SDI-H-TF, four 8TB WD red, 32GB RAM and a sata dom. Create one pool, raidz1, have it encrypted. Set a password.
System does a cold boot, someone has to log in and type the password via webinterface. Pool unlocks and the share is accessible.
Tha's actually how I've been doing it for a while, not sure on the version, I suppose it's 11.
My concern is theft. There's lots of work stuff on that NAS, about 6TB and growing.
But it seems I cannot do it like that anymore. I can encrypt it, but the key is stored on the NAS and of course that renders it useless against theft. It helps in discarding the disks, though.
Adding a password is also not possible if I understood the manual correctly. For that I'd have to move the system dataset to a different pool, which is not possible becuase I only have one pool. Also it is not a smart thing to do to put it on a flash drive, at least it says so in the manual.
So what to do? Did I miss something? Do I have to go back to an older version and never run an update again?