Can an UnRaid Array be partially Encrypted?


binar

5 posts in this topic Last Reply

Recommended Posts

Greetings Fellow Forum Members,

My UnRaid Array has 5 hard drives plus 2 Parity Drives.  After the Parity Sync process which took a bunch of hours to complete I formatted all 5 hard drives as XFS without encryption.

 

Is it possible to go back and reformat 3 of the hard drives using XFS encryption and leave the remaining 2 hard drives as XFS without encryption?  In short, does UnRaid like it if the array is partially encrypted? 

 

The purpose for my partially encrypted array is so I can investigate whether or not the encrypted drives slow down file response times compared to the drives not encrypted.  I would like to test drive this whole encryption thing and if I don't like it I will then go back and reformat all the drives without XFS encryption. I'm also wanting to see if my Window10 OS client PC is going to be able to recognize all types of encrypted files stored in my UnRaid Array.

 

I would really appreciate a lot if anybody can offer some advice regarding this matter.  Thank you.

 

Link to post
2 hours ago, binar said:

In short, does UnRaid like it if the array is partially encrypted? 

It doesn't care. You can mix format types in the array all you want. You could have 1 BTRFS, 1 BTRFS- encrypted, 1 XFS, and 1 XFS encrypted if you want to.

 

Once the drive is unlocked, the encryption is transparent to the client.

 

I would advise that backups should be the highest priority for data on encrypted volumes, as recovery tools really don't work on encrypted volumes. It's not that the chances for corruption are higher, just that the consequences are more severe.

Link to post
Posted (edited)

Thanks for your advice Jonathanm. What you pointed out about recovery tools not working well on encrypted drives is good advice.  It is inline with my concern relating to how there may be docker apps, plugin apps or apps installed on my Windows10 client PC that may not play nice with XFS encrypted drives. 

 

For example, there is the Windows10 File explorer app which I plan to use a lot to move files around, rename files, create new folders, delete files, in short, do everything with it I need to do to organize the data in my UnRaid Array.  My concern is the Windows10 File Explorer app may eventually end up corrupting my data due to the XFS encryption on the array. 

 

Honestly, the more I think about XFS encrypting my UnRaid data the more I think it is a double edge sword. Therefore, for now I think I'm going to decide on no XFS encryption and this way I may avoid a bunch of possible head aches.   Maybe at some point in the future when my UnRaid skills are a lot more advanced I will revisit this complex subject of XFS encryption.

 

Thanks again for your advice.

 

 

 

Edited by binar
Link to post
3 minutes ago, binar said:

My concern is the Windows10 File Explorer app may eventually end up corrupting my data due to the XFS encryption on the array. 

 

1 hour ago, jonathanm said:

Once the drive is unlocked, the encryption is transparent to the client.

 

However you decide, keep in mind that Unraid or any RAID flavor is NOT a backup, it's purely high availability when a drive fails. It can't protect against file deletion or corruption, either accidental or malicious, or any number of other risks to the integrity of your data. You MUST keep current backups of files you don't want to lose.

Link to post
2 hours ago, binar said:

For example, there is the Windows10 File explorer app which I plan to use a lot to move files around, rename files, create new folders, delete files, in short, do everything with it I need to do to organize the data in my UnRaid Array.  My concern is the Windows10 File Explorer app may eventually end up corrupting my data due to the XFS encryption on the array. 

The encryption will be invisible to any operations that are carried out over the network so the Windows File Explorer directly causing a problem is not really a concern.

 

The point about encryption interfering with any data recovery if you ever get any sort of file system level recovery is valid though.  This can be caused by any sort of hardware/software glitch within the Unraid server itself (even if only a temporary one).

Link to post

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.
Note: Your post will require moderator approval before it will be visible.

Guest
Reply to this topic...

×   Pasted as rich text.   Restore formatting

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.