Hi all iv got quite big problem cos when ive set my truenas long time ago I wasn’t thinking about encrypting my datasets in first place, server was suppose to run only locally with backup. Now i decided to move my backup in to other place replication is set over Tailscale and is encrypted. And obviously replication from unencrypted datasets on server to encrypted datasets on backup its possible but all dataset on backup have to be unlock which is in security prospective pointless. If all datasets are locked ive got warning “Replication failed: cannot receive incremental stream: inherited key must be loaded Broken pipe” and replication is not working. I know I can copy my unencrypted datasets to new encrypted one but I could messed up, it is basicly like starting all over again if I have to copy. And maybe some one know other way to do this.
I struggled the same, until i reinitialize a new task without encrypt.
The pain to manually unlock all datasets everytime was higher than the risk to keep unencrypted data (my backup machine Is not up 24/7, Is powered on on need).
There Is for sure a reason for that, or something that we are doing in the wrong way… but at same time i can’t understand why all of those dataset, encrypted the same in the task, can’t be unlocked ONCE for all.
Two options.
-
iXsystems adds a feature to automatically lock an encrypted destination after a replication completes.
-
Use “raw” streams, which would require the source dataset to be encrypted.
I know that which is basically mean start all over again.
I hope they will add such a thing soon cos i dont need encrypting my server dataset @home.
You can make a feature request.