zamana
Contributor
- Joined
- Jun 4, 2017
- Messages
- 163
There are a lot of people and threads regarding the theme "how do I clone/backup/copy" the FreeNAS boot device, and all replies repeat the mantra: "save your config, do a new installation, load your config and it's done".
Well... It seems that all of these replies doesn't mention the fact that "for security reasons" your ssh/ssl keys aren't backed up. And that's a problem...
I decided to "upgrade" my installation from U5 to U6 by using this method: I saved my config (with the "Export Password Secret Key" enabled), installed the U6 version in a new boot device, did load my saved config and after 2 reboots everything was running again. Sort of...
My replication tasks started to failed miserably, due to "Permission Denied". And that's because I was unable to load/reload the "Remote Host key".
As my replication, if started from scratch, takes about 30 hours to complete, I did give up (temporarily, I hope) on the U6 and came back to U5. Now my replication tasks are running again.
So, in despite of this has happened in a context of an upgrade, I guess that this save/load config method needs to be more "robust". Of course that when you boot your new device, a new set of host keys are created, but I don't know if I can simply restore them from the old previous boot device or not. This needs to be better addressed/documented.
Regards.
Well... It seems that all of these replies doesn't mention the fact that "for security reasons" your ssh/ssl keys aren't backed up. And that's a problem...
I decided to "upgrade" my installation from U5 to U6 by using this method: I saved my config (with the "Export Password Secret Key" enabled), installed the U6 version in a new boot device, did load my saved config and after 2 reboots everything was running again. Sort of...
My replication tasks started to failed miserably, due to "Permission Denied". And that's because I was unable to load/reload the "Remote Host key".
As my replication, if started from scratch, takes about 30 hours to complete, I did give up (temporarily, I hope) on the U6 and came back to U5. Now my replication tasks are running again.
So, in despite of this has happened in a context of an upgrade, I guess that this save/load config method needs to be more "robust". Of course that when you boot your new device, a new set of host keys are created, but I don't know if I can simply restore them from the old previous boot device or not. This needs to be better addressed/documented.
Regards.
