May 21, 20215 yr Hi all, I have 4 encrypted XFS drives in array but Unraid does not request the password to start the array. Here is what I did : My current array was populated with unencrypted hard drives only and I wanted to add 4 new hard drives Since I wanted to take this opportunity to encrypt my array, I stopped the array and changed the Disk Settings > Default file system setting to "XFS - encrypted" before adding the 4 new hard drives. I assigned the 4 new hard drives to 4 slots in my array, entered a password (twice) and started the array successfully I initiated the formatting of the 4 new hard drives (clicked the "format" button and confirmed my intention to format when prompted), and the formatting completed successfully. I stopped the array Now I can start back the array without entering any password (see attached screenshot), which I do not want obviously. Why is that ? Many thanks in advance. Best, OP Edited May 21, 20215 yr by Opawesome fixed typos
May 21, 20215 yr I believe you will be prompted for the password if you reboot. I do not use encrypted disks on my live server so I may be wrong about that
May 21, 20215 yr Author 39 minutes ago, itimpi said: I believe you will be prompted for the password if you reboot. Hi @itimpi, Many thanks for your answer. I confirm that, indeed, I was prompted for the password after a reboot. I am still curious to know if this is the intended behaviour or if I am suffering an issue of some sort. Thank you all in advance. Best, OP
May 22, 20215 yr I commend you for doing this to your entire array... I'm still testing with some unsigned devices. The most difficult thing seems to be, "being outside" to test if something actually works or not. 6.
May 22, 20215 yr 10 hours ago, Opawesome said: Hi @itimpi, Many thanks for your answer. I confirm that, indeed, I was prompted for the password after a reboot. I am still curious to know if this is the intended behaviour or if I am suffering an issue of some sort. Thank you all in advance. Best, OP The keyfile is stored here root@Tower:~# pwd /root root@Tower:~# ls keyfile root@Tower:~# If you delete the keyfile then you will be prompted a array start.
May 26, 20215 yr Author On 5/22/2021 at 7:37 AM, SimonF said: The keyfile is stored here root@Tower:~# pwd /root root@Tower:~# ls keyfile root@Tower:~# If you delete the keyfile then you will be prompted a array start. Hi @SimonF Many thanks. I thought about that indeed, having seen threads on this forum where people complained about security issues relating to having the passphrase stored in plain text in this file. My understanding was that this issue was fixed and that this "keyfile" was no longer stored as such after the array is started. I did check for the existence of such file before creating this thread and it is indeed gone, at least on v6.8.3: Linux 4.19.107-Unraid. Last login: Fri May 21 21:09:41 +0200 2021 on /dev/pts/1. root@MOZART:~# pwd /root root@MOZART:~# ls mdcmd@ root@MOZART:~# The "DELETE" button you showed was also removed, at least in v6.8.3 Best, OP Edited May 26, 20215 yr by Opawesome
May 26, 20215 yr Author On 5/22/2021 at 7:20 AM, 6of6 said: I commend you for doing this to your entire array... You mean encrypting all devices in the array ? Why ?
Archived
This topic is now archived and is closed to further replies.