03-26-2018
Zfs send & receive with encryption - how to retrieve data?
Good morning everyone,
I'm looking for some help to retrieve data in a scenario where I might have made a big mistake. I'm hoping to understand what I did wrong.
My system is made of two Solaris 11 Express servers (old free version for evaluation). The first is for data and the second is for backups.
On the first, I created zfs filesystems with encryption turned on (tank/Documents). To make things easy, I used "keysource=passphrase,file:///zfs_key", then I copied the file to the second (backup) server in the same path.
In order to do my backups, I used zfs send & mbuffer to send the whole zpool (all the zfs' filesystems). Normally, this would work fine for both encrypted and unencrypted volumes. Except the last time I did this, I did not mount the encrypted filesystem and I ran send & receive without getting any errors... That is, until I rebooted the backup server and tried to access the data (mount the filesystem).
For some reason I do not understand, I always get an "invalid key" error. The weird thing is the "keysource" in the backup system is still the same as the source and the "zfs_key" is the same. I thought that when you send & receive an encrypted filesystem, the "key" was automatically generated on the receiving system using the "keysource" mentioned here, but there seems to be something fundamentally different when the filesystem is not mounted. (For example, a scrub of an encrypted zfs filesystem gives errors when it is not mounted.)
I would like to know where the valid key is in such a scenario, and/or what happened.
Thank you for giving me your opinion on the subject.
Best Regards,