GELI+ZFS failed disk issue

Daniel Staal DStaal at
Thu Oct 4 19:51:00 UTC 2012

On 2012-10-04 11:45, Andre Goree wrote:
> Hello all.  Wondering I can pick your brains regarding a situation
> I've  run into.  I've followed this article on setting up my FreeBSD 
> 9
> install  on ZFS w/GELI encyrption -- sans the part about having
> 'bootdir' on a  mirror, which, sadly, likely would've saved me from 
> my
> current problem:
> The server ran great and I had no issues until this past weekend,
> when my  hard drive that contains the OS pool (including /, /boot,
> etc.) FAILED.   I'm now in the situation where my encryption key file
> cannot be accessed,  since it is on a failed disk.  I can live 
> without
> the stuff on the OS  pool, however I have another pool containing 
> many
> GBs of data (music,  video, documents, etc.) that I desperately need
> and cannot lose.  Whats  worse is that I never got around to setting
> up backups for this data (damn  laziness!).

Unless you've got your key saved somewhere I don't see a lot of options 
for you.  There is one thing you might be able to try: There has to be a 
copy of the /boot directory someplace on that (failed) disk with the 
keys in an unencrypted form, otherwise it would have been unable to boot 
at all.  Depending on how the disk failed, there's a chance that 
(relatively small) section of the disk survived, and could be 
recoverable by a disk-recovery service.  But that's my only thought to a 

Daniel T. Staal

This email copyright the author.  Unless otherwise noted, you
are expressly allowed to retransmit, quote, or otherwise use
the contents for non-commercial purposes.  This copyright will
expire 5 years after the author's death, or in 30 years,
whichever is longer, unless such a period is in excess of
local copyright law.

More information about the freebsd-questions mailing list