encryption

  1. NickF

    Resource TrueNAS SCALE: A “Datacenter-in-a-box" 1.2

    As a pre-requisite, consider reading my TrueNAS SCALE virtualization guide! https://www.truenas.com/community/resources/getting-started-with-virtualization-on-truenas-scale.214/ This resource is meant to be a series. Part 1 will cover both the theory behind what I mean by Datacenter-in-a-box...
  2. Volte

    SOLVED Geli Encrypted Recovery Issue

    Hi all! I know what you're thinking: Oh no, another "my data is encrypted and I can't recover it!". I understand the risks that come with running encrypted disks. I have a peculiar situation none-the-less and would love a few additional brains on the matter. (I figured I'd take my long...
  3. M

    Не расшифровывается zpool

    Добрый день. Есть FreeNAS на Proxmox VE, на котором есть зашифрованный пул. Перестало хватать места, добавил в гипервизоре, сделал gpart commit da1 (то есть, расширил физический диск пула), попытался расширить zpool свойством autoexpand -- не расширился. Попытался расширить раздел, где...
  4. PhiloEpisteme

    Reusing Encryption Keys & Passphrases

    Let's get the messy bit out of the way. This resource makes no claim about whether you should or should not use encryption. Discussion on the merits or implementation strategy used in FreeNAS is not relevant to this resource. I'm not looking to advocate for or against encryption. This resource...
  5. 0

    Should be OS drive be redundant when using encryption?

    I am currently building a small freeNAS machine and I am planning to encrypt the HDDs. I'm planning to use 2 SSDs in RAID1 and 1 SSD for the OS. Now I'm wondering what would happen if the SSD died? Am I just screwed then? Or could I just install freeNAS onto a new SSD, replace it with the old...
  6. 0

    Encryption and Wake On LAN (remotely enter password)

    I would like to build a NAS based on freeNAS using the ASUS P9DI motherboard a Xeon CPU and some ECC RAM. I need the data on the NAS to be encrypted securely, but at the same time I need a convenient way to access them. Since burglaries happen quite often in my district and data often is the...
  7. K_REY_C

    Unable to Select Volume when Importing Encrypted Disk (one disk of a formerly a two-disk clone)

    Looking for some guidance on how to re-import my encrypted disk (1 disk of a formerly 2-disk, encrypted, cloned). I've tried this on a the legacy and new interface. I suspect I'm missing something critical, but would love some guidance. The encryption key and passphrase seem to get past step #2...
  8. T

    FreeNAS 11.1-U7 Cannot import encrypted volume

    FreeNAS 11.1-U7 Cannot import encrypted volume The story goes: I'm running a 4 disk (3TB each) RAIDZ2 configuration & I was replacing an overheating disk. Shut the system down, removed the disk, put a new one in, and restarted. It's a little vague right now, as it was a couple of days ago, but...
  9. A

    Why is MasterKey half Zero's after Assigning Password?

    Greetings, I noticed half of the "Master Key" data returned by 'geli dump /dev/gptid/[disk-uuid]' changes to zero's (0's) after assigning a password to the volume in FreeNAS. Does anyone know why? Thanks.
  10. Y

    command for deleting backup files after 3 weeks

    So I created a cronjob for backing up my SMB to a external usb drive (command: rsync -zvr /mnt/files /mnt/Backup/ --delete-after) but I want it to delete the files which were deleted on the SMB only after 3 weeks on the backup drive, not immediately (as in the current command), but I don't know...
  11. Number1Onion

    MacPro 3,1 - E5462 2.8GHz performance

    I have this MacPro 3,1 with a Xeon E5462 2.8GHz Harpertown cpu. The E5462 doesn't have AES-NI. Its currently running 11.1 U4. I'm considering encrypting my 6x1tb RaidZ2. Currently there is no data on it as this was just built a few days ago. Thoughts on performance, etc. I'm using a Dell H310...
  12. Robs.Atlas

    SOLVED New GUI missing "Browse for Recovery Key"?

    Hi all, I don't seem to find how to unlock my encrypted pool from the new GUI. After an accidental upgrade from 11.1-Stable to 11.2 my encrypted pool won't unlock. With the most likely cause being that the right key was not backed up. BUT this is not the issue I want to raise. I struggled to...
  13. R

    SEDs and FIPS 140-2 certification

    not sure if this is the right place for a feature request..... Companies, institutions and government are increasingly requiring FIPS 140-2 certification for data at rest. I understand the reasoning and applaud iX for adding support for SEDs, however at least for me, there's one big problem...
  14. C

    SOLVED Unable to complete enrypted drive unlock

    I began to notice very poor performance of my FreeNAS earlier today (taking ~20min to do an rsync dry run that would usually be done in 20 seconds). After trying a couple of times, I discovered that my previously unlocked encrypted volume had locked itself. When I try to unlock it, I get stuck...
  15. W

    Understanding How Encryption Works

    Hello, I figured this was a different kind of question about the encryption so I should create a new post. I am trying to figure out how the encryption works and how I can prove it works. As I explained in my other post I am looking to put PHI data on my FreeNAS 11.1 U4 system and it will be...
  16. W

    Encryption Type

    Hello, I am currently looking to store PHI data on one of my volumes. The thing is I know I will have a PCI auditor asking what encryption method is used and prove it. I looked through the user guide for version 11 and can't find any documentation that states something like "AES-256 is used". Is...
  17. M

    Encryption - Key ONLY Locking

    Hello! I am currently playing around extensively in a virtual environment with FreeNAS in order to completely familiarize myself before migrating over to it (Currently using a software raid5 on Linux). I am considering using encryption and I am looking over the documentation in this matter. It...
  18. PetrZ

    Replication of encrypted pool

    Hi. I would like to ask, how it's about replication of encrypted pool. Is needed to use strong (or any) cipher as decrypted data are transferred, or is already safe as "drive data" (already encrypted) are transferred?
  19. B

    Entschlüsseln eines Pools nach CleanInstall

    Hallo zusammen, Ich habe FreeNAS 11.1 auf einem neuen USB-Stick installiert und nicht, wie bisher immer, ein Upgrade einer bestehenden Installation gemacht. Von meiner bestehenden Installation (11.0-U4) habe ich dein Einstellungen, den GELI.key und Recovery.key herunter geladen. Nach der...
  20. D

    First FreeNAS build

    Hello After a lot of reading, I thought I'd post my plan for my freenas box before buying anything. Motherboard: Asus P10S-I Mini Itx CPU: Intel Core i3 7300 2x16 GB Samsung 2133 MHz ECC DDR4 (From manufacturer QVL) HBA: IBM/Lenovo M1215, to be flashed to IT mode PSU: Seasonic Prime 850 Watt...
  21. B

    FreeNAS 11.1 ZFS panic as replication target with encryption

    When doing a replication from FreeNAS 9.3 to 11.1 and where the target volume has been enabled for encryption, ZFS reliably panics: panic() dblfault_handler() Xdblfault() --- trap 0x17 vdev_queue_io_to_issue() vdev_queue_io_done() zio_vdev_io_done() zio_execute() zio_vdev_io_start()...
  22. MacLemon

    Migrating encrypted pool to new (larger) encrypted pool

    I need to migrate my existing encrypted zpool (RAIDZ2) onto a new, larger and also encrypted zpool. Luckily I do have a test system which I can test the whole procedure on and trash it as many times as I like. I have read many threads on migration of pools but none of them actually takes into...
  23. B

    Encrypted array lost after upgrade to FreeNAS-11.0-RELEASE

    Hi guys, i have a really bad problem. I recently upgraded a FreeNAS 9.10 server to FreeNAS 11. The server has 4 arrays. One, of a little crude construction, did not make the upgrade. The other three suvived. One guess is that it is because of the construction of the array: It once was a normal...
  24. S

    SOLVED Data privacy during travel

    Hi, I'm currently running FreeNAS-11.0-U4 with a single unencrypted pool composed of 6*4TB WD Red hard drives in RAID-Z2. The main use of my NAS is for Plex, and let's say that I have rather large libraries of content if you know what I mean. In the not too distant future, I will have to move...
  25. R

    Why is a re-key required when replacing a failed encrypted disk?

    Hi, It may seem obvious, or I haven't had enough coffee yet today, but why is a re-key required when replacing an encrypted volume? Typing in the password to add the new drive seems to bring it on line. What does a re-key do after that, that is needed? Does the geli key for the volume need to...
  26. P

    Rekeying and importing encrypted volume after restoring config backup

    Hi, Two questions on encryption: I want to rekey my encrypted volume as I no longer trust that my geli key is safe... From the documentation, it seems to be a matter of clicking the rekey button, is that correct or do I risk losing data in the process? Second question is harder... So, I have...
  27. Pancackewaffle

    CPU Temperature and transcoding difficulties

    Alright so I have somewhat of a hybrid system because I had it lying around (Dell XPS 730X, i7-965 @ 3.7 Ghz, 12 GB of DDR3 RAM, H2C cooling unit, 1000 watt PSU, USB boot drive, seperate jail HDD with a single storage HDD). I also did things while installing FreeNAS for the first time because...
  28. JayG30

    ZFS native encryption

    Hello, Today I saw that the work being done by Tom Caputi over at Datto was merged into ZoL. Very exciting to see. Curious if there is any ongoing effort on the BSD side? Thanks. ::references:: https://github.com/zfsonlinux/zfs/pull/5769 https://www.youtube.com/watch?v=frnLiXclAMo...
  29. D

    Full-Disk Encryption in FreeNAS 11

    A few years ago before building my first FreeNAS server, I researched full-disk encryption on FreeNAS and followed the advice of the general consensus which was to just use encrypted TrueCrypt/VeraCrypt containers for sensitive data. Fast forward to 2017 and I'm wondering if we're still at a...
  30. G

    SOLVED Hi, genBTC here. Windows Samba issue and iSCSI+NTFS local mounting issue

    Hey guys, its genBTC here. I'm 32 and a lifelong PC nerd and I am very excited about finally being able to use FreeNAS. About last week I was at the recycling center, and I found a thrown away old server, that turned out to be still good. The specs are in my signature. Along with the rest of my...
  31. O

    About FreeNAS and virtualization + ZFS

    This is going to be a bit of a longer story so please bear with me. At work, I am in need to setup a server at an ISP which I need to certify according to ISO 27001 so one of my problems is that when one of the HDs fails it will get replaced by the ISP and I was looking to use encryption to...
  32. Alan W. Smtih

    How can you tell if a zpool is encrypted

    I'm in the process of replacing a hard drive on my FreeNAS-9.10.2-U5 system. There's a note at the beginning of Replacing a Failed Drive that says: > If your pool is encrypted with GELI, refer to Replacing an Encrypted Drive before proceeding. The first line in that section is: > If the ZFS...
  33. MauricioU

    "Cannot import: No such pool available" on encrypted volume

    So I've been scouring these forums for some information on this to no avail. Lots of similar posts but not quite the same. Last night my freenas bootdrive failed apparently. I went to upgrade to freenas11 U1 and my boot drive somehow got stuck repeating the same thing over and over again and...
  34. P

    SOLVED Can't Create New Passphrase for Encrypted Pool

    We recently had our second of two 2014-era FreeNAS Minis experience a motherboard failure. Luckily I had a spare on hand (I bought a new one when my first original one failed, and had the original failed one repaired by iXsystems) so we moved that one into service while our failed unit is being...
  35. S

    SOLVED Boot Drive Gone / Encrypted Disks / Attempt to Import + Unlock Fail [ESXi]

    Config: FreeNAS-9.10.2-U4 on VMware ESXi 6.0 U3. 1 zPool = "Tank1" = 8 2-disk mirror vdevs (reference signature for all details), encrypted, no passphrase. Problem: Boot environment gone, attempted to import with recent config backup + recovery key (/data/GELI not available to restore)...
  36. C

    11RC4 User Guide: New Features - A Question About Encryption Statement

    FreeNAS 11RC4 User Guide states: "Encrypted volumes now use the AES-256 cipher." Which encryption was in use before FreeNAS 11? I just ran 11RC4 as a test on some empty pools. I created an encrypted pool in 9.10.2U4 then upgraded the pool flags within 11RC4. Does that mean it is now using...
  37. X

    iSCSI + Bitlocker?

    Am I insane for thinking this might be a good idea? I am currently using a VHD encrypted with BitLocker but I am considering moving this to the network. Would iSCSI provide better performance vs SMB? How about snapshots? I haven't tested anything so I was more just throwing it out there. The...
  38. F

    Drive encryption without passphrase, is it ok?

    Hello, I would like to protect the data stored on the drives in the case I have to RMA them. I'm not trying to protect from the thief of the NAS. So I'm thinking about using drive encryption without passphrase (so, the drive will mount automatically at boot). So I read the doc. I understand...
  39. D

    Re-key failure & cannot read metadata

    I think I fell victim to a a combination of two "bugs". No, I don't have a backup of my 24TB of data, but literally had just bought new hardware to setup as a full backup the day before and had started to copy a little bit of data over. I'm new to this so here is what happened... I added a...
  40. arameen

    Can't import/unlock encrypted zpool anymore

    Background Lately i had issues with one of my drives in my encrypted zpool. I was getting read and writeerrors and pool degradation. After doing some smarttests, short and long one, nothing seemed strange. I cleared the faults. But freeNAS kept complaining and degrading the pool and after a few...
  41. Ben1010101

    Encryption Checklist?

    Hi everyone, I've just assembled my first NAS server. The hardware specifications are as follows: HP Proliant ML10 V2 16GB (4 x 4GB) DDR3 1600MHz (@ 1333MHz) ECC Intel Pentium G3240 Seagate ST1000DM003 Toshiba DT01ACA300 (Quantity: 2) SanDisk SDCZ43-016G (Quantity: 2) Thus far, I've...
  42. V

    Using FreeNAS volume on another computer

    Hi everyone! I am brand new to this wonderful world of FreeNAS and I have some questions: Suppose I have a USB device used as a media storage for my FreeNAS. But now I have decide to take it out of my FreeNAS server and plug it on another computer (a normal desktop computer, not running...
  43. K

    AES-XTS 256

    Hi, can someone guide me how to create encrypted volume with AES-XTS 256 encryption algorithm ? By default, FreeNAS is using AES-XTS 128 for data when you create volume from GUI, for some compliance reasons I need to change it to AES-XTS 256. I am trying to test this on VMWare virtual machine...
  44. A

    Looking for encrypted pool security mechanism

    I am looking at encrypting my pool on my current system. I have conducted some testing on my backup system, but I am wondering what mechanism is at play when it comes to accessing an encrypted pool by someone who is not authorized to do so, given it may have access to the system (I am...
  45. D

    Recovering Key from Reformatted USB

    My FreeNAS (running version 9.10.1) was running fine for about two days and then it stopped being able to boot up properly. Based on a suggestion I saw elsewhere, I tried "updating" the software version using the 9.10.1 installation media to try and get the system working again. It looks like it...
  46. B

    Can't set passwd on my zpool

    Hello everybody, I have a zpool like this: pool: datapoolz1 state: ONLINE scan: scrub repaired 0 in 10h50m with 0 errors on Tue Jul 26 19:40:14 2016 config: NAME STATE READ WRITE CKSUM datapoolz1...
Top