hasirak
Dabbler
- Joined
- Apr 16, 2014
- Messages
- 16
Background:
I used to run with FreeNAS-11.3-U5, but lately my encrypted pool would fail to unlock with the passphrase, and I had to use the Geli recovery key each time I would unlock the pool. I took this as a sign to update and are now running a clean install of TrueNAS 13.0-U6. I have recreated the setup that I had in FreeNAS (passphrase encrypted pool), and moved my data over to it. Things seem to be working as expected, but I noticed that Geli encryption is now deprecated, and I couldn't find a way to download any recovery files in the web-ui.
My question:
What is the current best practice to ensure that I don't get locked out of my passphrase encrypted pool? Are there any recovery files I should download, or will this single passphrase always be enough to recover the pool? Let's say some accident physically destroys my server but leaves n-2 disks unharmed (I am using Raid-Z2). If I then placed my remaining disks in a new server, would I then be able to unlock the pool and save my data only with the passphrase?
I used to run with FreeNAS-11.3-U5, but lately my encrypted pool would fail to unlock with the passphrase, and I had to use the Geli recovery key each time I would unlock the pool. I took this as a sign to update and are now running a clean install of TrueNAS 13.0-U6. I have recreated the setup that I had in FreeNAS (passphrase encrypted pool), and moved my data over to it. Things seem to be working as expected, but I noticed that Geli encryption is now deprecated, and I couldn't find a way to download any recovery files in the web-ui.
My question:
What is the current best practice to ensure that I don't get locked out of my passphrase encrypted pool? Are there any recovery files I should download, or will this single passphrase always be enough to recover the pool? Let's say some accident physically destroys my server but leaves n-2 disks unharmed (I am using Raid-Z2). If I then placed my remaining disks in a new server, would I then be able to unlock the pool and save my data only with the passphrase?