I have the following disk setup in my server:
- 2 x SSD drives in a ZFS mirror
- 1 x SATA drive (just a single disk with ZFS)
My ZFS root sits on the mirrored SSD drives. All the drives are encrypted and use the same encryption key. Yesterday I rebooted my server after applying the latest security updates and the first disk would not accept the password no matter how many times I tried. Therefore, after booting up, my ZFS mirror was broken.
Here's where it gets even weirder. After booting up, my ZFS mirror was broken (since the first disk in the mirror couldn't be unlocked/decrypted using the password I normally use), but if I run
geli attach -k /boot/bootdir/encryption.key /dev/da0p1.eli
and enter the exact same password that I tried at bootup, it works! After that I bring the disk online and the ZFS mirror resilvers and all is good. This is worrying, however, as if the second disk fails and I reboot, I won't be able to boot up the machine.
So why can't I decrypt the one disk at bootup? I know I am entering the correct password as the other two disks decrypt fine. In the past I have decrypted all three disks when rebooting with no issues at all and my /boot/loader.conf hasn't changed.