SubnetMask
Contributor
- Joined
- Jul 27, 2017
- Messages
- 129
When I first set up my FreeNAS and enabled encryption on my volumes, it wasn't clear that each VDev had a different GELI key, and that no matter which one you download, it's 'geli.key', so initially, I had only saved the one from the initial VDev. After learning that there are separate keys for each VDev, I saved the rest.
My suggestion, if it's possible, would be rather than have the keys export as 'geli.key' for all VDevs, have the keys export as 'geli_VDevName.key' or something along those lines. Yes, it's not hard to rename it as you're saving it, but for a noob that has a basic understanding but may not know all of the little nuances, it would make it 'more clear' that each VDev has a different key, as well as for everyone, make it harder for you to accidentally one VDev's key with the key from another VDev (I imagine pretty much everyone here at one time or another has accidentally overwritten something that they didn't want to overwrite).
Not a huge deal, just something that if it's not too hard to add, might be nice to add in for a future release.
My suggestion, if it's possible, would be rather than have the keys export as 'geli.key' for all VDevs, have the keys export as 'geli_VDevName.key' or something along those lines. Yes, it's not hard to rename it as you're saving it, but for a noob that has a basic understanding but may not know all of the little nuances, it would make it 'more clear' that each VDev has a different key, as well as for everyone, make it harder for you to accidentally one VDev's key with the key from another VDev (I imagine pretty much everyone here at one time or another has accidentally overwritten something that they didn't want to overwrite).
Not a huge deal, just something that if it's not too hard to add, might be nice to add in for a future release.
Last edited: