GELI encrypted ZFS zpool

Fabian Keil fk at
Sat Sep 20 23:17:17 UTC 2008

Steve Bertrand <steve at> wrote:

> I have an older storage box that I've upgraded to -stable. It currently
> uses 7 SCSI disks mashed together with gstripe.
> I've recently replaced this box with a new one running a ZFS setup. I'm
> now wanting to turn the old one into a storage device running ZFS, but I
> want the entire pool encrypted with GELI.
> I know I can do this, but my requirements are as such:
> - use a key on external media to access the GELI encrypted disks
> - not have to type in the passphrase for each physical disk
> this possible?

It should be possible if you use keyfiles without password
for the vdevs and store those keyfiles on a geli encrypted
slice that uses both a keyfile and a passphrase.

-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 195 bytes
Desc: not available
Url :

More information about the freebsd-stable mailing list