System Config Backups
2 minute read.Last Modified 2021-03-12 16:14 EST
It is highly recommended to back up the system configuration regularly. This preserves settings when migrating, restoring, or if the system runs into any issues. Save the configuration file each time the system configuration changes.
To back up the system configuration, go to System > General and click SAVE CONFIG.
The configuration file contains sensitive data about the TrueNAS system. Ensure that it is stored somewhere safe.
TrueNAS automatically backs up the configuration database to the system dataset every morning at 3:45 (relative to system time settings). However, this backup does not occur if the system is shut down at that time. When the system dataset is stored on the boot pool and the boot pool becomes unavailable, the backup also loses availability.
SSH keys are not stored in the configuration database and must be backed up separately. System host keys are files with names beginning with *ssh_host_* in
/usr/local/etc/ssh/. The root user keys are stored in /root/.ssh.
There are two types of passwords affected by the system backup: hashed and encrypted:
When SAVE CONFIG is chosen, a dialog gives two options:
- Export Password Secret Seed includes encrypted passwords in the configuration file. This allows the configuration file to be restored to a different operating system device where the decryption seed is not already present. Configuration backups containing the seed must be physically secured to prevent decryption of passwords and unauthorized access.
- Export Pool Encryption Keys includes the encryption keys of encrypted pools in the configuration file. The encryption keys are restored if the configuration file is uploaded to the system using UPLOAD CONFIG.