Unable to unencrypt pool after upgrading to 11.3 RELEASE

winnielinnie

winnielinnie

MVP
Joined
Oct 22, 2019
Messages
3,641
Fierce said:
Again, I do have the key(s) downloaded to my PC. So that I know which key is which, I'd like to know the default name of these keys.
Click to expand...

I forget the default names (and I'm too scared to create a new one, since it will invalidate my existing one), but in any case, it doesn't hurt to try using whatever key you have saved and assume it's the Recovery Key (userkey1), to try and unlock the pool without a passphrase. The way it's set up on FreeNAS is that the Recovery Key (userkey1) is never combined with a passphrase, unlike the Encryption Key (userkey0) in which you have the choice to interweve it with a passphrase.

However, you have to go out of your way while your pool is unlocked to create and download a new Recovery Key (userkey1).

Padlock Icon > Recovery Key

If you never did this while your pool was unlocked, it's too late.

Too add to the confusion, it was either 11.2 or 11.1 in which the GUI used the words "Download Recovery Key", when in fact it was prompting you to download a copy of userkey0, not userkey1. I think they've since fixed this in the GUI to remove confusion.
 
F

Fierce

Cadet
Joined
Jan 4, 2017
Messages
9
When I exported the pool, I used this dialog to do the export. The dialog says "Before exporting/disconnecting encrypted pools, download and safely store the recovery key". This is what I did - I have this key.

export.JPG
 
winnielinnie

winnielinnie

MVP
Joined
Oct 22, 2019
Messages
3,641
Fierce said:
When I exported the pool, I used this dialog to do the export. The dialog says "Before exporting/disconnecting encrypted pools, download and safely store the recovery key". This is what I did - I have this key.
Click to expand...
If this key is all you have, it is very likely userkey0 (Encryption Key, which was associated with a passphrase, which is now completely invalidated), and you never created nor downloaded a userkey1 (Recovery Key).

winnielinnie said:
Too add to the confusion, it was either 11.2 or 11.1 in which the GUI used the words "Download Recovery Key", when in fact it was prompting you to download a copy of userkey0, not userkey1. I think they've since fixed this in the GUI.
Click to expand...



On my 11.3-U3 system, here is the wording, which looks different than yours. It goes back to what I mentioned earlier (which I quoted myself above.)

'Mainpool' is encrypted! If the passphrase for this encrypted pool has been lost, the data will be PERMANENTLY UNRECOVERABLE! Before exporting/disconnecting encrypted pools, download and safely store the encryption key and any passphrase for it.
Click to expand...
 
Last edited:
You must log in or register to reply here.

Similar threads

Rickinfl
Can't delete snapshot after Migration to new server
Replies
5
Views
1K
hescominsoon
hescominsoon
B
HDD is not going Offline.... No Valid Replicas ERROR
Replies
2
Views
2K
sretalla
sretalla
Turtle3000
Encrypted Pool Decrypting Issue, Unlocking with password works, but recovery key doesn't
Replies
2
Views
1K
Turtle3000
Turtle3000
W
Disk Replacement Issue
Replies
11
Views
2K
Yorick
Yorick
L
Restore from USB failure - Encrypted pool
Replies
6
Views
994
longroad
L
Top