What is the point of a recovery key on an encrypted pool?

Free as in Nas

Dabbler
Joined
May 11, 2012
Messages
42
I'm reading over the docs and I think I may be missing something.

If I am backing up my geli encryption key and my passphrase, is there any point to also adding a recovery key and then backing up that? The docs make it sounds like the recovery key is essentially a 1on1 replacement with the passphrase, but I could be misreading them.

Thanks!
 
Last edited:

HolyK

Ninja Turtle
Moderator
Joined
May 26, 2011
Messages
653
Short answer: YES, always backup encryption key AND the recovery key. If you really have sensitive data on the pool then passphrase should be only in your head (or in some encrypted password vault). Recovery key should be buried deep under ground or in some vault/safe and only you should know where it is.
 

Free as in Nas

Dabbler
Joined
May 11, 2012
Messages
42
Thanks for the response!

Passphrase is in an encrypted file, recovery key would most likely go there as well. I suppose I could take a usb drive and put it in a safe deposit block, but I feel like I have a good amount of redundancy on my password store.

Let's say I take the recovery key and put it on a usb drive and bury it in my backyard, wouldn't that effectively be the same as putting a text file with the passphrase on it and burying it?

Another thing I am a little fuzzy on, if I save off the recovery key do I still need my geli encryption key backed up or does the recovery key serve as both geli key and passphrase?
 

Free as in Nas

Dabbler
Joined
May 11, 2012
Messages
42
Oh I may see now.

I thought I had my passphrase in my vault but now I can't unlock my pool.... it must have copied into my into password vault incorrectly or I changed it without realizing it.

I suppose if I had a recovery key I would have been fine.

Good thing this is a brand new machine and I was in the process of moving data over from my last machine. It may be the risk of losing the passphrase to encrypted pool isn't worth the additional security benefits.

I still have an open question about whether you need a recovery key if a volume is encrypted with no passphrase.

This makes it sound like it useful in both cases:
The recovery key is an optional keyfile that is generated by FreeNAS®, provided for download, and wiped from the system. It is designed as an emergency backup to unlock or import an encrypted pool if the passphrase is forgotten or the encryption key is somehow invalidated. This file is not stored anywhere on the FreeNAS® system and only one recovery key can exist for each encrypted pool. Adding a new recovery key invalidates any previously downloaded recovery key file for that pool.
 
Top