Physical theft of a TrueNAS

fonzie2k

Cadet
Joined
Jan 17, 2023
Messages
1
I've recently started my TrueNAS "career", and I've found mostly anything I'm wondering about in its official docs.

One topic that I can't find much about is securing TrueNAS from physical theft.
... Yes, I mean securing it from data theft in case of a physical theft.

Encryption of pools and datasets is nice, but the keys will (except when using passphrases) be stored on the system (/) drive, unencrypted.
As I understand it, there is no support for secure boot or something similar to utilizing a TPM.

Is there no other way to "physically" secure data in TrueNAS, except using passphrases on datasets?
 

Arwen

MVP
Joined
May 17, 2014
Messages
3,611
Another way to look at this, is that most thieves are after the hardware, not the data. They won't know what to do with TrueNAS Core, though it's possible SCALE with Linux might be something they could use. Add in ZFS, and most thieves are out of their depth.

So, just using appliance software, (aka TrueNAS), will stop most thieves from accessing the data.

As an example, I bought a hot swap disk enclosure 20 years ago off Evil-Bay. It worked fine and came with a 2GB disk. (Yes, Two GigaByte disk if I recall correctly... this was 20 years ago.) Turns out the disk was formatted Solaris UFS SPARC, which I happened to have at the time. So I could actually read it. But, >99% of the people out there could not have read it. They would have simply wiped the disk and used whatever they wanted on it.


All that said, if a thief or government agency is after the data, except for encryption, little would stop them. Further, ZFS dataset / zVol encryption is at rest only. This means that if the server is running and the datasets are "un-locked", determined data thieves or government agencies can still get the data. This can be done through special UPS(es) and hacking into the server's power. This keeps the server powered up, and yet allows it to be moved, (with all the datasets "un-locked"). Yes, this is an extreme example, but law enforcement CAN DO THIS, (if they want to).


Also, there is an option to password protect the console. In general, it is un-protected because physical access, (or password protected IPMI), is required for console access.
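
The two points raised in this thread (keys that are not passphrases live on the system drive, and encryption only protects datasets that are locked) can be audited from the standard ZFS properties `encryption`, `keyformat` and `keystatus`. The script below is an added example, not part of either post; the function names, verdict labels and sample data are constructed for illustration, and it assumes that any `keyformat` other than `passphrase` means the key is held by the system, as the first post describes.

```shell
#!/bin/sh
# Added example: classify ZFS datasets by what a thief who takes the whole
# server would get. Expects on stdin the tab-separated output of:
#   zfs get -H -o name,property,value -t filesystem,volume \
#       encryption,keyformat,keystatus

classify_datasets() {
    awk -F '\t' '
        {
            prop[$1, $2] = $3
            if (!($1 in seen)) { seen[$1] = 1; order[++n] = $1 }
        }
        END {
            for (i = 1; i <= n; i++) {
                d   = order[i]
                enc = prop[d, "encryption"]
                fmt = prop[d, "keyformat"]
                st  = prop[d, "keystatus"]
                if (enc == "off" || enc == "")  v = "UNENCRYPTED"
                # Assumption: hex/raw keys are stored on the system drive.
                else if (fmt != "passphrase")   v = "KEY-ON-SYSTEM"
                # At-rest only: an unlocked dataset is readable while running.
                else if (st == "available")     v = "PASSPHRASE-UNLOCKED"
                else                            v = "PASSPHRASE-LOCKED"
                printf "%s\t%s\n", d, v
            }
        }'
}

# Constructed sample input (not taken from a real system).
sample_zfs_output() {
    printf '%s\t%s\t%s\n' \
        tank         encryption off \
        tank         keyformat  none \
        tank         keystatus  - \
        tank/media   encryption aes-256-gcm \
        tank/media   keyformat  hex \
        tank/media   keystatus  available \
        tank/private encryption aes-256-gcm \
        tank/private keyformat  passphrase \
        tank/private keystatus  available \
        tank/archive encryption aes-256-gcm \
        tank/archive keyformat  passphrase \
        tank/archive keystatus  unavailable
}

# Demo on the constructed sample; on a live system pipe the zfs get
# command from the header into classify_datasets instead.
sample_zfs_output | classify_datasets
```

Only datasets reported as `PASSPHRASE-LOCKED` are unreadable to someone holding the powered-off hardware; `PASSPHRASE-UNLOCKED` ones reach that state once the system loses power or the dataset is locked.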
 