Date: Sat, 17 Oct 2020 14:02:47 +0100 From: Graham Perrin <grahamperrin@gmail.com> To: freebsd-current@freebsd.org Subject: Re: OpenZFS: using an encrypted dataset without a prompt for its passphrase Message-ID: <267214f8-a099-b16c-1a13-c082ec95c4b8@gmail.com> In-Reply-To: <c4eb38e5-3dcd-b50b-322c-5a2a3b54439a@FreeBSD.org> References: <b2d53380-ffe8-9cdf-063e-c95120104c12@gmail.com> <4fb31ed5-2281-13cf-e45e-28dae27f26b3@FreeBSD.org> <b197b4a9-515c-efd6-1993-430dff16de39@gmail.com> <c4eb38e5-3dcd-b50b-322c-5a2a3b54439a@FreeBSD.org>
next in thread | previous in thread | raw e-mail | index | archive | help
On 17/10/2020 12:35, Ryan Moeller wrote: > > On 10/17/20 5:55 AM, Graham Perrin wrote: >> On 17/10/2020 08:40, Ryan Moeller wrote: >>> This is intentional. The pool can be imported but the filesystem is >>> not mounted until the key is loaded. >> >> Thanks, the file system mounts without me entering a passphrase; is >> this intentional? >> > > It shouldn't be possible. > > # zfs mount storage/crypt > cannot mount 'storage/crypt': encryption key not loaded root@momh167-gjp4-8570p:~ # date ; uname -v ; uptime Sat Oct 17 14:00:10 BST 2020 FreeBSD 13.0-CURRENT #69 r366648: Tue Oct 13 05:49:05 BST 2020 root@momh167-gjp4-8570p:/usr/obj/usr/src/amd64.amd64/sys/GENERIC-NODEBUG 2:00PM up 9 mins, 5 users, load averages: 0.29, 0.56, 0.31 root@momh167-gjp4-8570p:~ # zpool export Transcend && ls -hl /Volumes/t500/VirtualBox ; zpool import Transcend && ls -hl /Volumes/t500/VirtualBox ls: /Volumes/t500/VirtualBox: No such file or directory total 18 drwxr-xr-x 2 grahamperrin grahamperrin 2B Sep 11 19:28 CloudReady drwxr-xr-x 6 grahamperrin grahamperrin 6B May 8 09:04 FreeBSD drwxr-xr-x 4 grahamperrin grahamperrin 4B Sep 20 17:03 Linux drwxr-xr-x 4 grahamperrin grahamperrin 7B Oct 16 17:41 Windows root@momh167-gjp4-8570p:~ # zfs get all Transcend/VirtualBox | grep -e crypt -e key -e mountpoint | sort Transcend/VirtualBox encryption aes-256-gcm - Transcend/VirtualBox encryptionroot Transcend/VirtualBox - Transcend/VirtualBox keyformat passphrase - Transcend/VirtualBox keylocation prompt local Transcend/VirtualBox keystatus unavailable - Transcend/VirtualBox mountpoint /Volumes/t500/VirtualBox inherited from Transcend root@momh167-gjp4-8570p:~ # zfs --version zfs-0.8.0-1 zfs-kmod-v2020100400-zfs_79f0935fa root@momh167-gjp4-8570p:~ #
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?267214f8-a099-b16c-1a13-c082ec95c4b8>