koryphaee Posted August 27, 2018 Share Posted August 27, 2018 I recently started using unRAID. In my setup I use encryption with a passphrase on all disks. After entering the passphrase to start the array there is a button at the far bottom of the main tab to delete the encryption keyfile. I wasn't sure what that meant so I started a terminal and found a file named keyfile which contained my encrpytion passphrase in plaintext. This is an enourmous security risk in my opinion. If somebody where to break in and steal my NAS he would be able to decrypt everything. How can I stop unRAID from creating that file? If that is not possible can I create a script that deletes this file every time the array starts? Quote Link to comment
tr0910 Posted August 28, 2018 Share Posted August 28, 2018 Don't panic. This file is stored in RAM and disappears if the server is rebooted. It is only there for convenience, allowing you to stop the array and restart without requiring you to always key in the pass phrase. There is discussion to make this optional in some way to further harden the OS for those wanting extra security. For now you can just press that button to delete that file. 1 Quote Link to comment
koryphaee Posted August 28, 2018 Author Share Posted August 28, 2018 Alright. Thank you for your response and explanation. Quote Link to comment
trurl Posted August 28, 2018 Share Posted August 28, 2018 All of the OS files are in RAM. Only paths in /boot (the flash drive) and /mnt (the disks and user shares) are persistent storage. 1 Quote Link to comment
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.
Note: Your post will require moderator approval before it will be visible.