Jump to content
tr0910

Format encrypted external disk / mount with UD

7 posts in this topic Last Reply

Recommended Posts

@dlandon has updated the Unassigned Devices plugin to allow us to mount encrypted drives.  However support for formatting the drives as encrypted is not yet working in UD.  Is there a commandline way to do this?  I will have encrypted drives outside the array. 

Share this post


Link to post

The reason that UD does not allow formatting of an encrypted disk is the management of the key phrase and the possibility of "locking the keys in the car".  You can mount a disk formatted in the array as long as there is an array disk mounted with encryption so the key phrase is available for UD to use.

 

Right now you have to enter the key phrase to start the array.  If you had disks in UD mounted with a different key phrase than the array, you'd have to enter each key phrase manually for each disk.  Storing the key phrase on the flash would not be secure.

 

Disk encryption is a new feature and LT will eventually come up with ways to manage encrypted disks in UD.  Until then you will not be able to format an encrypted disk in UD or amount a disk not encrypted for the array.

Share this post


Link to post

Is there a command line way to format a drive as encrypted xfs?  This will then be hooked up via Unassigned Devices.  Prefer not to have to add to the array just to format it XFS-encrypted.

Edited by tr0910

Share this post


Link to post

Did you ever find a way to do this? I have a drive that I would like to use with UD and would like it to be encrypted like the other disks in my array.

 

Is my only option to add it to the array, format it xfs encrypted and then shrink the array and rebuild parity?

Share this post


Link to post
41 minutes ago, THO said:

Did you ever find a way to do this? I have a drive that I would like to use with UD and would like it to be encrypted like the other disks in my array.

 

Is my only option to add it to the array, format it xfs encrypted and then shrink the array and rebuild parity?

You can use the cache slot to accomplish what you want without breaking parity.

 

If you have a current cache drive in use with VM's and dockers, disable both those services in settings, making sure the VM and docker tab do not appear in the GUI with the array started, then you can stop the array, unassign your current cache and set the cache slots to 1. Then assign the target drive, and set the desired format to XFS encrypted, start the array, verify that's the only drive showing unformatted, and check the box to format it. Once that's done, you can unassign it again, and return your normal cache drives.

Share this post


Link to post

Thank you very much for the workaround!

For anyone else with this issue, if your existing cache drive filesystem is different than what you want the new drive to be, make note of your existing filesystem before starting. Then after assigning your new drive to the cache, go into the properties to select the filesystem you want (make sure cache slots are set to 1 to allow changing the filesystem). After formatting and assigning your original cache drive back, you will need to go into its properties and re-select your previous filesystem.

Share this post


Link to post

@jonathanm and @THO thank you very much for the workaround and the hint! It worked just fine and I could encrypt my brand new drive which will not be part of the array and only be mounted in unassigned devices.

Share this post


Link to post

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.
Note: Your post will require moderator approval before it will be visible.

Guest
Reply to this topic...

×   Pasted as rich text.   Restore formatting

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.