On 2020-04-18 18:16, Allan Jude wrote:
If you still have a bootpool, you can migrate to a single pool (so boot
environments work), using these instructions:
https://ftfl.ca/blog/2016-09-17-zfs-fde-one-pool-conversion.html
If the pool would boot without GELI, it still will with GELI, however,
if you use any of the newer features not supported by the boot loader,
then it will not be able to read the kernel from the boot (encrypted or not)
My use case requires unattended booting and never storing the keyfiles
on the disks to which they correspond so that, in the event of a disk
failure, it can be recycled or sent back to the OEM safely.
AFAIK the userkey files have to be on the same filesystem as the loader,
which, for this use case, requires /boot be separate?
_______________________________________________
freebsd-current@freebsd.org mailing list
https://lists.freebsd.org/mailman/listinfo/freebsd-current
To unsubscribe, send any mail to "freebsd-current-unsubscr...@freebsd.org"