........ but not others.
Does anyone know:
1. Why some encrypted volumes automatically mount without typing the unlock the key after a reboot and not the others?
2. Is there a way to get the functionality back on the volumes that stop working (yes, even if it isn't supported)?
And for those that will ignore my actual question and just tell me this is functionality by design:
1. Then the design isn't working, as 2 out of 3 of my Encrypted volumes do automatically mount after a reboot, every time.
2. And why is this the design? The argument I have read elsewhere, that in the event someone steals my hardware they could access the data, doesn't really hold water for my use cases. Not to start a religious battle here, but it really is no more or less secure if the system (as configured by the admin) boots normally unlocked because there are still OS and Share based authentications that normally protect the system every day. If those aren't good enough protections, then by all means we should never use FreeNas for secure data. What really needs protected here in the case of theft, is someone removing my drives and plugging them into their FreenNas setup and gaining access to the data without the keys or user authentication. IMO, it is far more risky to have a non-redundant storage controller that cannot recover from crashes automatically than it is to have a server stolen and then accessed. The former happens all the time, the latter, well it's never happened to me, so why is this the design case? If you disagree for your use case fine, can we at least agree that auto-encrypted-remount should be an optional configuration for the admin?
Thanks for everyone's help in advance,
Josh
Does anyone know:
1. Why some encrypted volumes automatically mount without typing the unlock the key after a reboot and not the others?
2. Is there a way to get the functionality back on the volumes that stop working (yes, even if it isn't supported)?
And for those that will ignore my actual question and just tell me this is functionality by design:
1. Then the design isn't working, as 2 out of 3 of my Encrypted volumes do automatically mount after a reboot, every time.
2. And why is this the design? The argument I have read elsewhere, that in the event someone steals my hardware they could access the data, doesn't really hold water for my use cases. Not to start a religious battle here, but it really is no more or less secure if the system (as configured by the admin) boots normally unlocked because there are still OS and Share based authentications that normally protect the system every day. If those aren't good enough protections, then by all means we should never use FreeNas for secure data. What really needs protected here in the case of theft, is someone removing my drives and plugging them into their FreenNas setup and gaining access to the data without the keys or user authentication. IMO, it is far more risky to have a non-redundant storage controller that cannot recover from crashes automatically than it is to have a server stolen and then accessed. The former happens all the time, the latter, well it's never happened to me, so why is this the design case? If you disagree for your use case fine, can we at least agree that auto-encrypted-remount should be an optional configuration for the admin?
Thanks for everyone's help in advance,
Josh