Replacing Failed GELI Encrypted Disk TrueNAS

[MikeUK]

Hi,

Sorry for the newbie questions, its the first time replacing a failed disk.

I have a GELI encrypted pool, which has no pass phrase and one of the disks has failed. I have backed up the keys, while looking for information on how to go about replacing the disk i found the following, warning below, its for FreeNas 11. I cannot see anything similar in TrueNas 12 documentation does this mean don't need to set a passphrase any more before i replace this disk?

If i do need to as a passphrase how do i do this using TrueNAS 12 for the legacy encryption?

Thanks

9.5.1.1. Replacing an Encrypted Disk​

If the ZFS pool is encrypted, additional steps are needed when replacing a failed drive.

First, make sure that a passphrase has been set using the instructions in Managing Encrypted Pools before attempting to replace the failed drive. Then, follow steps 1 and 2 as described above. During step 3, there will be a prompt to enter and confirm the passphrase for the pool. Enter this information, then click REPLACE DISK. Immediately restore the encryption keys to the pool. If this additional step is not performed before the next reboot, access to the pool might be permanently lost.

1. Highlight the pool that contains the recently replaced disk and click Add Recovery Key to save the new recovery key. The old recovery key will no longer function, so it can be safely discarded.

 

[naz119849]

Did you end up figuring this out?

I"ve got a similar question that crosses over into what you're asking.
The current TrueNAS 12 documentation points out:

TrueNAS no longer supports GELI encryption (deprecated)

However, a question that isn't addressed is if TrueNAS will still support the replacement of disks within GELI-encrypted pools. For example, if a GELI-encrypted pool experiences a disk failure, if you replace that disk will TrueNAS still implement GELI-encryption during the replacement and for "the remaining life of the pool", so to speak?

Documentation prior to TrueNas 12 had a section like Replacing an Encrypted Disk that MikeUK has quoted, however it doesn't appear that any such documentation exists for TrueNas 12.

 

[MikeUK]

Did you end up figuring this out?

I"ve got a similar question that crosses over into what you're asking.
The current TrueNAS 12 documentation points out:

TrueNAS no longer supports GELI encryption (deprecated)

However, a question that isn't addressed is if TrueNAS will still support the replacement of disks within GELI-encrypted pools. For example, if a GELI-encrypted pool experiences a disk failure, if you replace that disk will TrueNAS still implement GELI-encryption during the replacement and for "the remaining life of the pool", so to speak?

Documentation prior to TrueNas 12 had a section like Replacing an Encrypted Disk that MikeUK has quoted, however it doesn't appear that any such documentation exists for TrueNas 12.

Hi,

It turned out a drive had just disconnected, re-seating it fixed the issue without needing to replace it.

Sorry that's not much help for you

 

[Teeps]

Did you end up figuring this out?

I"ve got a similar question that crosses over into what you're asking.
The current TrueNAS 12 documentation points out:

TrueNAS no longer supports GELI encryption (deprecated)

However, a question that isn't addressed is if TrueNAS will still support the replacement of disks within GELI-encrypted pools. For example, if a GELI-encrypted pool experiences a disk failure, if you replace that disk will TrueNAS still implement GELI-encryption during the replacement and for "the remaining life of the pool", so to speak?

Documentation prior to TrueNas 12 had a section like Replacing an Encrypted Disk that MikeUK has quoted, however it doesn't appear that any such documentation exists for TrueNas 12.

They seem to have updated the docs to address this, but the docs still feel light on documenting the process of replacing a failed disk in a GELI-encrypted pool. Are all of the warnings from FreeNAS 11 docs still valid on TrueNAS 13-U1? Are there are further relevant details to keep in mind?