winnielinnie
MVP
- Joined
- Oct 22, 2019
- Messages
- 3,641
So then if a new snapshot is made on FrickNASty, and you try to use that for an incremental stream to Yolen, it will crash?
Yes, if I try to send FrickNASty/Encrypted/PhotoVideo@auto-2023-04-10_00-00, it crashesSo then if a new snapshot is made on FrickNASty, and you try to use that for an incremental stream to Yolen, it will crash?
Because I get the same crash message when I try to unlock the dataset
then unlocked successfully using passphrase, then via GUI said to unlock with parent and inherit parent encryption
zfs list -r -t filesystem -o name,encryption,encryptionroot,mountpoint FrickNASty zfs list -r -t filesystem -o name,encryption,encryptionroot,mountpoint Yolen zfs mount | grep Yolen zfs mount | grep FrickNASty
What does this show:
Code:zfs list -r -t filesystem -o name,encryption,encryptionroot,mountpoint FrickNASty zfs list -r -t filesystem -o name,encryption,encryptionroot,mountpoint Yolen zfs mount | grep Yolen zfs mount | grep FrickNASty
When I unlock Remote Backups via the GUI, it initially says success then fails with error Permission Denied and then it looks like the screenshot above, which is curious because it appears unlockedWithout using the command-line, you need to first unlock Yolen/RemoteBackups (its own encryptionroot), and then unlock Yolen/RemoteBackups/PhotoVideo (which is also its own encryptionroot). The "unlock" method in the GUI doesn't simply load the key, it also automatically tries to mount.
You should not try to unlock ("load-key") for PhotoVideo before unlocking RemoteBackups.
The same as what? The only time "permission denied" was mentioned before was when you said you tried to mount using the command-line.I think this permission error is the same.
That is what I am talking about. That the permission error I get when trying to unlock Yolen/RemoteBackups is the same problem I have when I tried to mount Yolen/RemoteBackups/PhotoVideo after the GUI said it was unlocked and the command line says the key is loaded and the dataset mounted.The same as what? The only time "permission denied" was mentioned before was when you said you tried to mount using the command-line.
Yes, that is my issue. It should be mounting, and it is not and further causes a kernel panic when you try to unencrypt it. I only did the command line when I was preparing this post so that I can provide more information for those looking from afar to see what is happening under the hood.Then I wonder if you threw off the middleware or GUI by trying to mount in the command-line after unlocking via the GUI?
As it stands now, PhotoVideo uses RemoteBackups as its encryptionroot, and it should automatically mount the moment you unlock RemoteBackups.
then unlocked successfully using passphrase, then via GUI said to unlock with parent and inherit parent encryption
Not asking about replications. In regards to changing the encryption properties of PhotoVideo.For every other replication task though, it doesn't matter if Yolen/RemoteBackups is unlocked or locked.
then unlocked successfully using passphrase, then via GUI said to unlock with parent and inherit parent encryption
--------PhotoVideo (Copied over dataset and all snapshots using "zfs send -Rw BrownNASbackups/RemoteBackups/PhotoVideo | zfs recv -Fuv Yolen/RemoteBackups/PhotoVideo", then unlocked successfully using passphrase, then via GUI said to unlock with parent and inherit parent encryption)
I can access Yolen/Encrypted/PhotoVideo however, and it acts as expected when unencrypting the parent,
Thanks for clarifying.Not asking about replications. In regards to changing the encryption properties of PhotoVideo.
This was my error. It was a typo. I was referring to everything worked with Roshar/Encrypted/PhotoVideo and both FrickNASty and Roshar pools are available to that local host locally. I fixed my original post to better reflect thisJust going by this, it appears "everything worked" so far. So it's hard to see this as the "IV is not available". Otherwise, how would you have been able to access the files within in the first place? (I really doubt it loads anything from the other server to be able to allow you to access data on this particular encrypted dataset.)