I was wondering - there are guides on how to remove geli encryption by replacing disks.
In the case of a vdev with mirrors, can I simply add a new disk without encryption, wait for resilvering, and removing another? Or do I need to replace a disk?
You definitely can. Make sure to create a partition table on the new disk that is identical to the present ones and refer to partitions by UUID and never by device name when attaching.
2 Likes
Not with the GUI, surely?
If you replace a disk of a GELI encrypted vdev via the UI it will very probably apply the same encryption to the new drive.
@pmh thank you so much! I was actually referring to your famous guide, so cool that the answer came from you 
.
That’s very nice, I didn’t want to risk loosing data, so if I’ll have to use a fresh disk anyway, so many e better off using it as an addition, not replacement.
@pmh I was wondering, do I have to reboot?
I am now finishing to resilver one vdev after removing the encryption of the last disk. I really would like to add another mirrored vdev to the pool, but I suspect this will encrypt the new disks, right?
My goal was to join the new disks and reboot on a later occasion.
I honestly don’t know what the UI and the middleware will do.
Apologies for the basic question - could you explain step by step how to create a partition table on the new disk that is identical to the existing ones?
gpart backup <old disk> | gpart restore -F <new disk>
“old disk” and “new disk” being device names like ada0, ada1, …
2 Likes