![]() Zpool import rpool # without the `-l` option!īTW: keep in mind the distinction between the pool called rpool and the top-level dataset of that pool (also called rpool) - zpool sub-commands work with pools, zfs sub-commands work with datasets, zvols, snapshots, etc. Without the -l option, any encrypted datasets won't be mounted, which is what you want. import the pool without loading the key because you want to override the keylocation attribute with zfs load-key.mount the usb stick containing the key wherever you like. ![]() This will not change the value of the property on theĭataset. L keylocation - Use keylocation instead of the keylocation property. ThisĬommand may be run even if the key is already loaded. To simply check that the provided key is correct. a Loads the keys for all encryption roots in all normally zfs-import-cache is activated (was the reason my guess about the cachefile). Edit the systemd service again with systemctl edit rvice and replace the contents with this: Service ExecStartPre/usr/bin/sleep 15 This will make the service sleep for 15 seconds before importing the ZFS pool(s). r Recursively loads the keys for the specifiedįilesystem and all descendent encryption roots. you can check your ZFS pool import services: systemctl grep zfs-import you should see two services: zfs-import and zfs-import-cache. If that functionality is desired, zfs mount -l will ask for the key and mount the dataset (see Loading a key will not automatically mount theĭataset. The terminal will interactively wait for the key to be Note that if the keylocation is set to prompt Keyformat and location specified by the keylocation If the -d option is not specified, this command searches for devices in '/dev'. The key will be expected in the format specified by the According to zpool (8) you either use a cachefile or a directory specification as a hint: Code: zpool import -d dir -c cachefile -D Lists pools available to import. That inherit the keylocation property to be accessed. Load the key for filesystem, allowing it and all children You can, however, override the attribute after the pool is imported but before you mount the dataset, and manually tell zfs where the key file is.įrom reading the docs, I'm pretty sure that's what the -L option of zfs load-key is for. I've used ZFS over a decade now but have never used ZFS encryption, so while I know a lot about ZFS in general I'm certainly no expert on ZFS encryption.ĪFAIK, you can't get the keylocation attribute of a dataset without the pool being imported (because it's an attribute of the dataset, not the pool - there may be a way to do it with the zdb ZFS debugging utility but if there is, I don't know it).
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |