Changing ZFS Key Location

Back when I was creating my original pool, I decided to use password prompt as my encryption key unlocking method. And it was good. But then I wanted to automate this a bit. I wanted my key to be read of USB drive.

To do that one can simply prepare a new key and point the pool toward it.

dd if=/dev/urandom of=/usb/key.dat bs=32 count=1
zfs change-key -o keylocation=file:///usb/key.dat -o keyformat=raw Pool

Of course, it's easy to return it back to password prompt too:

zfs change-key -o keylocation=prompt -o keyformat=passphrase Pool

Simple enough.

Leave a Reply

Your email address will not be published. Required fields are marked *