ZFS 1 volume 2 encryption keys

WhatAboutBob

New Member


Messages: 2

I have been using freenas 11.1 and I posted on the freenas forums the following

I had a RaidZ volume with 4 drives and after detaching the volume I am not able to import the volume. I am getting and error (the following disks failed to attach). I did some looking and I found out that I have 2 keys, and after some more digging I found out 2 of the dives are using one encrypted key and the other 2 are using a different one. I am not sure how I did this! I was unable to find a way to add the volume for all 4 drives with the 2 keys. My question is: Is there a way to add the volume with both keys, if not is there anyway to remove one of the keys?

They told me to manually open them with GELI and then fix it by generating a new key for all disks.
But i have no clue on how to do that they told me to ask on this forum about how to.

The link to the forum post https://forums.freenas.org/index.php?threads/1-volume-2-encryption-keys.62510/#post-446194
 

ShelLuser

Son of Beastie

Reaction score: 2,111
Messages: 3,792

What makes you conclude that this system uses both keys anyway? Just because there are 2 keys present doesn't imply that they're also being used. How did you conclude that they were being used? Because whatever showed you that they're being used would also provide you with the required information on how to access those disks.

Also: how did you detach and try to re-attach the drive anyway? For all I know you could have followed the wrong procedure which resulted in these errors, and instead of fixing whatever caused the problems you're now blaming it on something else. Note: I'm not claiming that this is what happened, but it's definitely something that you need to rule out first.

I assume that the system still boots normally? Because that should give you all the access you need to find out how this was setup in the first place.

(edit)

You might want to start by reading this:
https://www.freebsd.org/doc/handbook/disks-encrypting.html

Usually the device gets encrypted with GELI which is then added to the ZFS pool. As such, what others also mentioned, your first start would be to read up on GELI, the FreeBSD handbook might be able to help there.
 
OP
W

WhatAboutBob

New Member


Messages: 2

After I detached the volume I was not able to attach it again I was getting and error and then I found the 2 keys. I tried to add the volume with just one disk and it would go to the next step to pick the volume But it would be blank and would give different error. Did that with all 4 drives if it was the wrong key it would error and not go to the next steep. This was all in FreeNAS. So I know what key is for each drive just don't know how to unlock then and add them all back under one key. I have never use FreeBSD and was hoping to get some help as to how to unlock and add them together.
 
Top