Secure Storage of Cloud Sync Encryption Password and Credentials

Hinterwaeldler

So my assumption is the following:
So TrueNAS is very good at encrypting my data at rest with encryption enabled directly on pools or datasets. This does not, however, protect the configuration of TrueNAS itself. Which I can understand: meaningful full disk encryption of the system disk would require a password to be entered before boot, which is a PITA for a networked appliance, and normally there should not be sensitive data in the configuration itself; user account passwords are hashed. TrueNAS can hash passwords that are used to authenticate against the TrueNAS server. But that does not work for passwords that TrueNAS must use with 3rd parties.

So I have set up a Cloud Sync task with encryption as a disaster recovery backup. For that, TrueNAS must store the access credentials to the storage provider, and the encryption password and salt, somewhere in its configuration. Maybe that configuration is obscured a bit, but it's there, and it is accessible. So if someone steals the TrueNAS server, he can't access the encrypted storage pools, but he can access the system disk with the configuration database. From that configuration database, he can extract the cloud credentials and encryption password, and gain full access to the data via the cloud backup.

BUT ... what if I delegate the cloud backup to a jail? I know that I cannot encrypt the dataset with the system configuration, but I can encrypt the dataset with jails, right? So can I solve this by encrypting the iocage dataset, and putting a small jail there where I do the rclone?
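
Added example (not part of the original post): if rclone runs inside a jail, the provider credentials and the crypt password and salt end up in that jail's `rclone.conf`, so a quick audit of that file shows what is exposed at rest. The sketch below assumes rclone's INI-style config, its usual key names (`password`/`password2` for crypt, `secret_access_key` for S3) and the `RCLONE_ENCRYPT_V0:` marker rclone writes when its own config encryption is enabled; the sample configs are constructed.

```python
import configparser

# Key names rclone uses for secrets in common backends (crypt, s3, b2, sftp, webdav).
SECRET_KEYS = {"password", "password2", "secret_access_key", "key", "pass", "token"}
# Marker line rclone writes near the top of a config protected with a config password.
ENCRYPTED_MARKER = "RCLONE_ENCRYPT_V0:"

# Constructed sample: an S3 remote wrapped by a crypt remote, stored without config encryption.
SAMPLE_PLAIN = """\
[cloud]
type = s3
provider = Other
access_key_id = EXAMPLEKEYID
secret_access_key = EXAMPLE-SECRET-CONSTRUCTED

[cloud-crypt]
type = crypt
remote = cloud:bucket/backup
password = CONSTRUCTED-OBSCURED-VALUE
password2 = CONSTRUCTED-OBSCURED-SALT
"""

# Constructed sample: layout of a config encrypted with a config password.
SAMPLE_ENCRYPTED = "# Encrypted rclone configuration File\n\nRCLONE_ENCRYPT_V0:\nQ09OU1RSVUNURUQ=\n"


def audit_rclone_conf(text):
    """Return (encrypted, findings); findings are (remote, key) pairs that hold a secret."""
    if any(line.strip() == ENCRYPTED_MARKER for line in text.splitlines()[:5]):
        return True, []  # secrets are not readable without the config password
    parser = configparser.ConfigParser(interpolation=None)
    parser.read_string(text)
    findings = []
    for remote in parser.sections():
        for key, value in parser.items(remote):
            # "Obscured" values count too: rclone's obscuring is reversible, not encryption.
            if key in SECRET_KEYS and value:
                findings.append((remote, key))
    return False, findings


if __name__ == "__main__":
    for name, conf in (("plain", SAMPLE_PLAIN), ("encrypted", SAMPLE_ENCRYPTED)):
        encrypted, findings = audit_rclone_conf(conf)
        print(name, "encrypted" if encrypted else f"recoverable secrets: {findings}")
```

Every finding is a secret that anyone who can read the jail's dataset in its unlocked state, or an unencrypted copy of the file, can recover.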
 