Root on GELI+ZFS without a separate boot pool?
list_freebsd at bluerosetech.com
Mon Apr 20 19:38:20 UTC 2020
Threads on other lists mentioned that with 12-R it's no longer
necessary to have a separate boot pool when using a GELI-encrypted root
ZFS pool. The documentation I can find only shows the simple case of
using a passphrase without a boot pool, or the "legacy" configuration of
using keyfiles with a separate boot pool.
The use case is data privacy on a failed disk sent back to the OEM under
RMA combined with unattended restarts. Prompting for a passphrase can't
happen. The means to decrypt the GELI volumes must never be stored on
the disk with the encrypted partitions.
It seems like it would work if the loader could access a separate
filesystem containing just the keys, but nothing in the documentation
suggests how to do this. That is, the configuration for using GELI keys
assumes the keys are on the same filesystem as the loader.
How do I get rid of having a separate /boot pool in my use case?