-
Important Announcement for The TrueNAS Community.
The TrueNAS Community has now been moved. This forum will now become READ-ONLY for historical purposes. Please feel free to join us on the new TrueNAS Community Forums
I don't think (and I'm pretty sure of it) that Veracrypt can be used with FreeNAS directly (I mean on the server's side, in a way that FreeNAS is aware of Veracrypt). There are no plugins or such I believe.
But the way I use it is that I created a Veracrypt volume on one of my FreeNAS share and I use Veracrypt on the client's side to access the Veracrypt container. Works quite well this way.
But the way I use it is that I created a Veracrypt volume on one of my FreeNAS share and I use Veracrypt on the client's side to access the Veracrypt container. Works quite well this way.
Mazufa
Dabbler
- Joined
- Jul 21, 2019
- Messages
- 24
Okay, Veracrypt software can't be installed on FreeNAS software itself?
Should suggest to developers that they would connect the FreeNAS operating system to Veracrypt because it would be a very good addition to it! :)
But have you installed the Veracrypt program on Windows, and then you have made the Freenas hard drive with the client software?
_______________________________________________________________________________________________________________________________________________________________
Is the FreeNAS 16GB enough RAM for mycomputer?
Does the FreeNAS computer computer therefore need no operating system other than the FreeNAS software alone? So I don't need to install Windows on the same computer with FreeNAS?
Should suggest to developers that they would connect the FreeNAS operating system to Veracrypt because it would be a very good addition to it! :)
But have you installed the Veracrypt program on Windows, and then you have made the Freenas hard drive with the client software?
_______________________________________________________________________________________________________________________________________________________________
Is the FreeNAS 16GB enough RAM for mycomputer?
Does the FreeNAS computer computer therefore need no operating system other than the FreeNAS software alone? So I don't need to install Windows on the same computer with FreeNAS?
Well, within FreeNAS you can use the encryption of the drives. Although this is not recommended and you have to use it very carefully because the risk of locking you out of the volume (and therefore loosing your data) is high...
Therefore I don't think proposing a feature/plugin for Veracrypt is very relevant.
You can have a look to the hardware recommendation guide but 16GB of RAM is quite good for a home use.
You will need to do some readings about FreeNAS first, that would be advised.
The manual is a good start and some more explanation on ZFS.
FreeNAS will be used as a (NAS) server and the operating system is FreeNAS. Therefore you will need an other computer to access the data stored on it.
Therefore I don't think proposing a feature/plugin for Veracrypt is very relevant.
Indeed, I created a share on FreeNAS to access the data from a windows client where I have Veracrypt installed. And there on the client I mount the Veracrypt container that is located on the FreeNAS share.
You can have a look to the hardware recommendation guide but 16GB of RAM is quite good for a home use.
You will need to do some readings about FreeNAS first, that would be advised.
The manual is a good start and some more explanation on ZFS.
FreeNAS will be used as a (NAS) server and the operating system is FreeNAS. Therefore you will need an other computer to access the data stored on it.
Mazufa
Dabbler
- Joined
- Jul 21, 2019
- Messages
- 24
I know FreeNAS is used as an NAS server. I now have one commercial NAS server but I have run out of space and therefore I need to do another NAS server.
I have three double processor computers and I will use them for this project :) I'll use one of these NAS servers to install a FreeNAS operating system.
I just need hard drives and then I can do this FreeNAS server :) I have a good HP xw8400 double processor computer from where i am going to do this NAS server :)
I have a CPU INTEL XEON SL968 5080 3.73GHz LGA-771 processor which I will install on this computer.
So you have Veracrypt on your windows computer and then you just selected the FreeNAS hard drive and encrypted it? :)
From this computer I will make a NAS server where I use FreeNAS: https://support.hp.com/us-en/document/c00712281
I have three double processor computers and I will use them for this project :) I'll use one of these NAS servers to install a FreeNAS operating system.
I just need hard drives and then I can do this FreeNAS server :) I have a good HP xw8400 double processor computer from where i am going to do this NAS server :)
I have a CPU INTEL XEON SL968 5080 3.73GHz LGA-771 processor which I will install on this computer.
So you have Veracrypt on your windows computer and then you just selected the FreeNAS hard drive and encrypted it? :)
From this computer I will make a NAS server where I use FreeNAS: https://support.hp.com/us-en/document/c00712281
All right...
This hardware is a bit outdated but shall be working. Just be aware that hardware using FSB is not the most efficient. But depending on your needs it can be working.
You also have to make sure you disable all the hardware RAID so that FreeNAS can access the drives directly.
I don't think you will be able to encrypt the complete FreeNAS volume since this will not appear as a device in Veracrypt. So you'll have to create a container on the FreeNAS share.
Good luck...
This hardware is a bit outdated but shall be working. Just be aware that hardware using FSB is not the most efficient. But depending on your needs it can be working.
You also have to make sure you disable all the hardware RAID so that FreeNAS can access the drives directly.
I don't think you will be able to encrypt the complete FreeNAS volume since this will not appear as a device in Veracrypt. So you'll have to create a container on the FreeNAS share.
Good luck...
Mazufa
Dabbler
- Joined
- Jul 21, 2019
- Messages
- 24
I have two computers with two processors. The other one has a Tyan dual-core motherboard.
But I do this FreeNAS from the computer that I mentioned on the HP computer that I mentioned.
What do you mean by FreeNAS in a container when I didn't really understand how to do this?
I understand a little bad English so it can cause confusion.
I'll try to explain it differently.
On the FreeNAS server you configure a share to be accessible from the workstation.
Using Veracrypt on the workstation you create a Veracrypt file (or container) located on the the FreeNAS server.
And you use Veracrypt to access the file.
I hope it's more clear...
On the FreeNAS server you configure a share to be accessible from the workstation.
Using Veracrypt on the workstation you create a Veracrypt file (or container) located on the the FreeNAS server.
And you use Veracrypt to access the file.
I hope it's more clear...
Mazufa
Dabbler
- Joined
- Jul 21, 2019
- Messages
- 24
Alright. So I make an encrypted file of FreeNAS content with Veracrypt, and then I keep this encrypted file on my FreeNAS server? :)
I also found a video here if this is what you mean ?: https://www.youtube.com/watch?v=fSRGWfmnNzI&t=63s
Mazufa
Dabbler
- Joined
- Jul 21, 2019
- Messages
- 24
I thank you for giving me this tip so I can encrypt the data from my upcoming FreeNAS server! :)
EsTaF
Contributor
- Joined
- Sep 20, 2013
- Messages
- 163
Great. I created a container and mounted it as a client. I copied the necessary files into the open volume.
Now I can't see its from another computer.
Do I have to dismount the file from one machine and mount to another every time? )))
Are you serious about this? )
I'll just take Linux with zfs and install veracrypt there. Excuse me.
Do I understand what you try to do correctly?
I think you have to unmount the veracrypt container opened by client 1 before opening it with client 2.
Again, I'm not sure at all, it is rather a guess... I haven't checked the veracrypt doc either (that might be the place to start).
But since I use it with a single user only, I don't have this problem.... sorry.
- You have a veracrypt container on a shared dataset.
- From client 1 you access the share and mount the veracrypt container and put some files in it
- From client 2 you try to mount the same veracrypt container to access the files (but you should be able to see the file itself actually)
I think you have to unmount the veracrypt container opened by client 1 before opening it with client 2.
Again, I'm not sure at all, it is rather a guess... I haven't checked the veracrypt doc either (that might be the place to start).
But since I use it with a single user only, I don't have this problem.... sorry.
- Joined
- Feb 6, 2014
- Messages
- 5,112
Veracrypt doesn't support concurrent r/w access to containers. You can have multiple systems mount the container as read-only, but it's not a clustering filesystem.
If you want to encrypt the files on the server, use ZFS native encryption on the sensitive dataset, and set up controlled access.
If you want to encrypt the files on the server, use ZFS native encryption on the sensitive dataset, and set up controlled access.
EsTaF
Contributor
- Joined
- Sep 20, 2013
- Messages
- 163
It's clear that it won't work.))) I'm not arguing with that. I gave an example of the clumsiness of this approach.
And so it is easier to install a system with the ability to install this program on the server side:
###################
Thanks, but had problems with data loss when using the regular encryption. Can't remember the reason why now. Either when replacing one of the disks in raid1, or when restoring a configuration where the disk was already encrypted.
It was my fault, but it's easier when things are more logical. To me, a storage system with veracrypt looks more logical and predictable. Sorry :)
Last edited:
winnielinnie
MVP
- Joined
- Oct 22, 2019
- Messages
- 3,641
It sounds like you're referring to GELI (legacy) + FreeNAS's implementation of it.
It's a completely different (and vastly improved) paradigm with native ZFS encryption now with TrueNAS Core/SCALE.
EsTaF
Contributor
- Joined
- Sep 20, 2013
- Messages
- 163
Well, with this encryption system can be its own pitfalls. It's hard to know what they are. I will understand only when I encounter it.))
It's not about the reliability of this system, but 100% understanding of every step that I will have to take when working not only with this encryption option, but with the entire system in general.
Geli is definitely not an option for me. One time was enough when I lost 15 years of data. I've never even lost anything on ntfs/ext2. Both with truecrypt and pgp etc. But here...
So, Arch Linux + zfs + veracrypt + samba.
Last edited:
Just create a VC file container and you're golden :D. Be sure to create one on NVMe, not HDD otherwise it will take more than a day to encrypt it. When you're done, just upload it to TrueNAS server and then mount it from there. Be forewarned, the transfer speed will be ungodly slow, around 5-8 MBPs.
EsTaF
Contributor
- Joined
- Sep 20, 2013
- Messages
- 163
Such simplicity will not make it somehow better visible to many client machines))
Only the container file will be visible.
There is an option to do zfs encryption, of course. Not with geli. But the encryption mechanism is too common and therefore not secure. It's protection from drug thieves, if only. I even trust truecrypt more than veracrypt. Well, veracrypt has only one advantage - it always has a hidden partition repertoire, even if we didn't create it. It's not like that with truecrypt - if you didn't create a hidden partition, you can detect it. But here is the protection itself - truecrypt went through a very thorough audit, after which the project was shut down))) which kind of hints.
And all these "super" "encryptions" (geli, luks etc) cannot create hidden volumes. (double bottom).
Last edited:
VeraCrypt is derived from TrueCrypt, lol. VeraCrypt is throughoutly audited, unlike Bitlocker.
