Hey there,
Confirmation required on classical dumbuser problem:
After 1 year of successfully running a cool feature as seen in many movies, called volume encryption on highly experimental and non-supported config, without any real requirement for it, I finally got what I deserved. My freenas running 9.2.1.9, with lots of data with emotional value on it, had experienced series of errors which I failed to act on, and now after the final and fatal "ex-factor" driven physical failure of usb stick it was running on, I have reached the painful understanding that I have failed to properly back-up my recovery key. I still have the passphrase, but according to all FreeNAS documentation, this is not enough to decrypt a volume. I am almost willing to move on to the next phase of grief - acceptance, but there are some vague hints on the web which keep me still awake on those lonely nights. For example this one: https://www.reddit.com/r/freenas/comments/2h6efv/scared_to_try_freenas_what_happens_if_my_usb/
"If you have either the GELI password or the recovery key, you can completely restore your encrypted NAS on any system that supports GELI and ZFS, even one that isn't a FreeNAS system."
Could someone please confirm that this guy has no idea what he is on about, and that volume cannot be decrypted with only passphrase without the recovery key, so I can just wrap-up the disk, and store it in a cool and dry place for better days of future generations and quantum computing brute-force possibilities to come.
Thanks in advance.
Confirmation required on classical dumbuser problem:
After 1 year of successfully running a cool feature as seen in many movies, called volume encryption on highly experimental and non-supported config, without any real requirement for it, I finally got what I deserved. My freenas running 9.2.1.9, with lots of data with emotional value on it, had experienced series of errors which I failed to act on, and now after the final and fatal "ex-factor" driven physical failure of usb stick it was running on, I have reached the painful understanding that I have failed to properly back-up my recovery key. I still have the passphrase, but according to all FreeNAS documentation, this is not enough to decrypt a volume. I am almost willing to move on to the next phase of grief - acceptance, but there are some vague hints on the web which keep me still awake on those lonely nights. For example this one: https://www.reddit.com/r/freenas/comments/2h6efv/scared_to_try_freenas_what_happens_if_my_usb/
"If you have either the GELI password or the recovery key, you can completely restore your encrypted NAS on any system that supports GELI and ZFS, even one that isn't a FreeNAS system."
Could someone please confirm that this guy has no idea what he is on about, and that volume cannot be decrypted with only passphrase without the recovery key, so I can just wrap-up the disk, and store it in a cool and dry place for better days of future generations and quantum computing brute-force possibilities to come.
Thanks in advance.