I am looking at encrypting my pool on my current system. I have conducted some testing on my backup system, but I am wondering what mechanism is at play when it comes to accessing an encrypted pool by someone who is not authorized to do so, given it may have access to the system (I am considering the case when someone breaks in and want to gain access to the system).
The Freenas documentation doesn't provide a detail explanation on the system behavior in preventing access to the encrypted pool.
During my testing, I found the pool will be locked upon restart, which is good if the system is stolen and power has powered down.
My concern lies in the other scenario when the system remain live.
What happens when the system is not powered down. Can the drive be accessed after default CLI/web interface password has been reset.
Can someone be able to download the encryption key from the encrypted pool as well as the recovery key?
Is there a detailed flow chart or similar diagram explaining what steps Freenas takes in order to maintain a secured system?
Will the pool lock itself if the system password is reset from the CLI console?
I haven't had the time to test that scenario yet.
The Freenas documentation doesn't provide a detail explanation on the system behavior in preventing access to the encrypted pool.
During my testing, I found the pool will be locked upon restart, which is good if the system is stolen and power has powered down.
My concern lies in the other scenario when the system remain live.
What happens when the system is not powered down. Can the drive be accessed after default CLI/web interface password has been reset.
Can someone be able to download the encryption key from the encrypted pool as well as the recovery key?
Is there a detailed flow chart or similar diagram explaining what steps Freenas takes in order to maintain a secured system?
Will the pool lock itself if the system password is reset from the CLI console?
I haven't had the time to test that scenario yet.