Both sides previous revisionPrevious revisionNext revision | Previous revisionNext revisionBoth sides next revision |
advanced:target [2018/10/03 13:51] – Add warning dan | advanced:target [2018/10/04 23:48] – [Enable encryption, and create an encrypted dataset] dan |
---|
| |
===== Enable encryption, and create an encrypted dataset ===== | ===== Enable encryption, and create an encrypted dataset ===== |
| **FreeNAS doesn't support OpenZFS encryption at this time, and it's not possible to replicate from a non-encrypted dataset to an encrypted one. This documentation is left for the sake of completeness.** |
| |
The idea of this system is to be a standalone storage "brick", which could be left at a remote location where you might not fully trust the network operator. ZFS on Linux supports dataset encryption for this purpose, and material for this section is drawn from this [[https://datacenteroverlords.com/2017/12/17/zfs-on-linux-with-encryption-part-2/|blog post]]. You'll first need to enable that feature on your pool: | The idea of this system is to be a standalone storage "brick", which could be left at a remote location where you might not fully trust the network operator. ZFS on Linux supports dataset encryption for this purpose, and material for this section is drawn from this [[https://datacenteroverlords.com/2017/12/17/zfs-on-linux-with-encryption-part-2/|blog post]]. You'll first need to enable that feature on your pool: |
<code> | <code> |
Now allow that user to make changes on the encrypted dataset: | Now allow that user to make changes on the encrypted dataset: |
<code> | <code> |
zfs allow -u zfsuser create,destroy,snapshot,mount dozer/encrypted | zfs allow -ldu zfsuser create,destroy,diff,mount,readonly,receive,release,send,userprop dozer/backup |
</code> | </code> |
| |