ZFS Does ZFS encryption with passphrase decrypt the filesystem for all users (including root), or only the user entering the passphrase?

I hope someone can help me here. I heard the following from another user (on a Linux forum):

They claim that when they set up ZFS encryption on a volume with a passphrase, and then enter the passphrase, that the data gets decrypted for all users (including root), and not only the user providing the passphrase.

If this is true, I don't understand the value of encryption at all, since it would then be possible for root to "eavesdrop" on the encrypted volumes of users.

Can anyone confirm or deny that the above claim is true? I would have thought that an encrypted volume was only decrypted during filesystem operation, and only for the user who entered the passphrase.
 
It's encryption at rest, once it's unlocked anyone with the right permissions can access it. Same with geli(8) encrypted drives or partitions. Once it's unlocked and mounted anyone can access the data.
 
[…] They claim that when they set up ZFS encryption on a volume with a passphrase, and then enter the passphrase, that the data gets decrypted for all users […]
We say the key is loaded, the keystatus zfsprops(7) property value becomes available. The actual decryption occurs at read‑time. You can still exercise access control (e. g. file modes/ACLs, zfs-allow(8), or simply not mount [users’] data sets).
[…] it would then be possible for root to "eavesdrop" on the encrypted volumes of users. […]
On UNIX‑like systems root a. k. a the superuser can always do anything. Therefore you must trust your administrator(s), the person(s) legitimately having access to the root account (and you also have to trust the software and hardware, but that’s beside the point). If a user doesn’t trust their admin, they need to employ user space encryption.
[…] I would have thought that [an] encrypted volume was only decrypted during filesystem operation, and only for the user who entered the passphrase. […]
No, there is no “user ownership” to the once loaded key.
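To illustrate the distinction made above between a loaded key and actual access, here is an added audit script (example code, not from this thread or from OpenZFS; the pool and dataset names are constructed). It parses `zfs get` output for the keystatus and mounted properties, reports which encrypted datasets are currently readable by anyone the file modes permit, and prints the commands that would lock those again.

```shell
#!/bin/sh
# Added example (not from the thread): audit which encrypted ZFS datasets are
# currently reachable by anyone with filesystem permissions. Input is the
# output of:
#   zfs get -H -r -o name,property,value keystatus,mounted <pool>
# keystatus is "none" (unencrypted), "unavailable" (key not loaded) or
# "available" (key loaded); mounted is "yes" or "no".

# Classify each dataset; prints "<dataset> <state>", one per line, sorted.
classify_datasets() {
    awk -F'\t' '
        $2 == "keystatus" { ks[$1] = $3 }
        $2 == "mounted"   { mt[$1] = $3 }
        END {
            for (d in ks) {
                if (ks[d] == "none")           s = "unencrypted"
                else if (ks[d] != "available") s = "locked"
                else if (mt[d] == "yes")       s = "exposed"   # key loaded AND mounted
                else                           s = "key-loaded-unmounted"
                print d, s
            }
        }' | LC_ALL=C sort
}

# Emit (but do not run) the commands that would re-lock every "exposed" dataset.
lock_commands() {
    classify_datasets | awk '$2 == "exposed" {
        printf "zfs unmount %s && zfs unload-key %s\n", $1, $1
    }'
}

# Constructed sample of the zfs get output (names are made up for the example).
SAMPLE=$(printf '%s\t%s\t%s\n' \
    tank/home/alice keystatus available \
    tank/home/alice mounted   yes \
    tank/home/bob   keystatus unavailable \
    tank/home/bob   mounted   no \
    tank/home/carol keystatus available \
    tank/home/carol mounted   no \
    tank/scratch    keystatus none \
    tank/scratch    mounted   yes)

printf '%s\n' "$SAMPLE" | classify_datasets
printf '%s\n' "$SAMPLE" | lock_commands
```

On a real system, replace the constructed SAMPLE with the `zfs get` command shown in the header comment; a dataset reported as key-loaded-unmounted can still be mounted by root, so unload-key is what actually removes the key from memory.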
 
Thank you very much for the quick explanations, which were contrary to how I imagined it would work.

I guess for this use case, user-space encryption is then the answer. 👍
 
As Kai Burghardt pointed out – users with root privileges can always do anything. They have access to all software (including the kernel) and to all devices. They could read the raw memory of your processes if they wanted to, for example. They could read what you type, if they wanted to. They could see the output of your commands, if they wanted to.

If you don’t trust your administrator, then you should leave that system, build your own one and be your own administrator.

The purpose of filesystem-level encryption is not to prevent root from accessing it. Its purpose is to provide security if the machine (or the storage device) falls into the wrong hands.
 