Pool locking and services/jails?

[Dunuin]

Hi,

I would like to encrypt my two pools so that I have to insert the passphrase to unlock it after boot but I'm not sure how the jails, VMs, SMB shares, unix user homefolders, FTP, rsync auto snapshot tasks and replication tasks will handle this. I saw there is a checkbox to restart all the jails and services after unlock but is there a way to prevent services/jails/VMs from autostarting until both pools are unlocked or is the only option to deactivate autostart everywhere to prevent that the jails and services are starting without the needed folders to mount to the jails?

And I've read somewhere in the documentation that it is possible to configure that FreeNAS won't store the encryption keys so that you will have to upload the key file and insert the passphrase to unlock a pool but I wasn't able to find where to change this.

MfG

Dunuin

 

[Samuel Tai]

On FreeNAS 11.2 and below, the autostart doesn't work if your pool is encrypted with a passphrase. You'll need to unlock the pool after boot and then manually start your jails/plugins/VMs. Services do get restarted after the pool is unlocked.

To unlock the pool, you can either enter the passphrase, or upload the recovery key file.

This behavior is changed in 11.3, as the system dataset can no longer have a passphrase, and automatically unlocks after boot.