Rearranging encrypted drives causes data loss

J

jjthomas

A few months ago, I lost the ability to log into my encrypted drive. It was as though my password quit working. I recall that I had move some of the drives around. When I could no longer decrypt my disk, I put, I believe, everything back in the same ports as they were when I initially installed FreeBSD. I was never 100% sure if I got every drive in the correct (SATA) port. Nor, was I able to determine if I had done something to cause me to lose my ability to decrypt the disk. I did try some recovery, but I could not get my data back. I had recent backups, so I install Linux.

Recently, I did another FreeBSD (10.1) installation (Automatic root-on-ZFS encryption). I moved my drives around and, again, I lost the ability to decrypt my root partition. Since I was preparing my computer for PC-BSD installation, with an hour old backup, I simply let it go. PC-BSD did not work out for me, I'm back to FreeBSD.

I have another computer that runs FreeBSD with MythTV. It has never had a problem. I've run it both with, and without, root-on-ZFS encryption. I dropped the encryption to simplify unattended rebooting.

So my question is, why would moving a hard drive to a different port keep it from decrypting? Is there a file I should be backing up? I know when I do whole drive encryption under Slackaware, when I move my drives around, I need to run mkinitrd so the system can find the new root location. Is there something similar in FreeBSD?

Thank you.

-JJ
 
ZFS doesn't care in what order the drives are, it'll find the correct ones regardless. Geli however is a different matter and depending on how you encrypted the drives it's possible you're trying to decrypt drive 1 with the key for drive 2 for example. Have you used the same key for all drives or does each drive have its own key?
 
You must log in or register to reply here.
Back
Top