Hello all. Wondering I can pick your brains regarding a situation I've
run into. I've followed this article on setting up my FreeBSD 9 install
on ZFS w/GELI encyrption -- sans the part about having 'bootdir' on a
mirror, which, sadly, likely would've saved me from my current problem:
https://www.dan.me.uk/blog/2012/05/06/full-disk-encryption-with-zfs-root-for-freebsd-9-x/
The server ran great and I had no issues until this past weekend, when my
hard drive that contains the OS pool (including /, /boot, etc.) FAILED.
I'm now in the situation where my encryption key file cannot be accessed,
since it is on a failed disk. I can live without the stuff on the OS
pool, however I have another pool containing many GBs of data (music,
video, documents, etc.) that I desperately need and cannot lose. Whats
worse is that I never got around to setting up backups for this data (damn
laziness!).
Here is the layout of the server, so you can better picture my predicament:
drive1 - OS pool, GELI encrypted (contained bootdir with my encryption key
in it)
drive2 - NAS pool, GELI encrypted (contained all my data, the encryption
key for this device was located on the failed drive in bootdir)
drive3 - NAS pool, GELI encrypted " " " "
I really need the stuff off the NAS pool, but I'm not sure if I'll be able
to decrypt it since the key is on the failed drive. My question to you
all is, is there any way to decrypt the pool WITHOUT that key? I'm going
to try to reinstall FreeBSD 9 on a new disk, and import the ZFS pools, but
if the disks are encrypted with no way of being decrypted (due to the
missing key), I think I'm SOL :(
Thanks in advance for any suggestions.
--
Using Opera's revolutionary email client: http://www.opera.com/mail/
_______________________________________________
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to "freebsd-questions-unsubscr...@freebsd.org"
