August 27, 20187 yr I recently started using unRAID. In my setup I use encryption with a passphrase on all disks. After entering the passphrase to start the array there is a button at the far bottom of the main tab to delete the encryption keyfile. I wasn't sure what that meant so I started a terminal and found a file named keyfile which contained my encrpytion passphrase in plaintext. This is an enourmous security risk in my opinion. If somebody where to break in and steal my NAS he would be able to decrypt everything. How can I stop unRAID from creating that file? If that is not possible can I create a script that deletes this file every time the array starts?
August 28, 20187 yr Don't panic. This file is stored in RAM and disappears if the server is rebooted. It is only there for convenience, allowing you to stop the array and restart without requiring you to always key in the pass phrase. There is discussion to make this optional in some way to further harden the OS for those wanting extra security. For now you can just press that button to delete that file.
August 28, 20187 yr All of the OS files are in RAM. Only paths in /boot (the flash drive) and /mnt (the disks and user shares) are persistent storage.
Archived
This topic is now archived and is closed to further replies.