toyourefa.blogg.se

Openzfs native encryption
Openzfs native encryption











openzfs native encryption

Am I missing something here, or should I be able to do that?Įdit 2: when I double click on the ENCRYPTED disk icon on the desktop it brings up a Finder window with 0 items (empty).Ĭode: Select all sh-3.2# zpool import ELITE I can unlock and mount the encrypted parent dataset ENCRYPTED, but not the child dataset SHOME_BACKUP. This morning I restarted the system, and it appears that there is a dataset SHOME_BACKUP as I intended, with an appropriate amount of referred data, but it won't mount. When I tried to get some information about the dataset using zfs list the command hung in fact, the whole computer was wedged: the mouse would move around, and it would respond initially to keypresses, but eventually both the Terminal and Activity Monitor went into permanent beachball status and I had to shut down the system hard. When I came back to the computer a few hours later the disk activity had stopped, and it gave me an error saying that it had been unable to mount the new dataset. That seemed to work the disks got busy and Activity Monitor showed 150 MB/sec to 300 MB/sec being read and written.Įdit: I should add that although I'm running 1.7.2 zfs, the source pool on SANDISKDATA has not been upgraded from 1.5.2, in case that matters. I then did a ZFS send of my earliest snapshot of my SHOME dataset in pool SANDISKDATA, to ELITE/ENCRYPTED/SHOME_BACKUP. I set the properties of compression on and atime off. Pool creation was successful, as was the creation of an encrypted dataset which I called ENCRYPTED. Zfs version is 1.7.2, operating system is El Capitan 10.11.6. I started over and followed tangles' advice from the other thread to create my main pool by removing all partitions (using gparted on a linux box, grrr), zeroing out the first 500 MB of raw data on the disks, and then giving the entire disks to zpool to create a mirror (the external drive housing is an OWC Mercury ELITE Pro Dual enclosure holding two 4TB disks, connected via ESATA). So, I came back to this project of replication to a dataset with ZFS native encryption. Is this even possible? The man page for zfs only lists '-o origin=snapshot' as the only option during a receive does it also accept turning on encryption? Is the creation of an encrypted snapshot target only possible if you specify a file-based key? I must be missing something here.

openzfs native encryption

I don't know how to do that with a passphrase, because zfs receive is expecting its input to come from the pipe of send. It seems like the receive operation needs to create the dataset, but then I also read that encryption needs to be specified at creation. Sh-3.2# zfs send | zfs receive -F ELITE/HOME_BACKUPĬannot receive new filesystem stream: zfs receive -F cannot be used to destroy an encrypted filesystem I was hoping I could do a zfs send | zfs receive to transfer a snapshot to the newly created dataset, but it appears that isn't possible:Ĭode: Select all sh-3.2# zfs send | zfs receive ELITE/HOME_BACKUPĬannot receive new filesystem stream: destination 'ELITE/HOME_BACKUP' exists I was able to create an encrypted dataset named ELITE/HOME_BACKUP with the instructions from the wiki. I wanted to try out the new native encryption features of ZFS using my external disk pool.













Openzfs native encryption