Skip to content

Rewrite 11.2-angular process for replacing encrypted disk. #1497

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Merged
merged 3 commits into from
Sep 11, 2019
Merged

Rewrite 11.2-angular process for replacing encrypted disk. #1497

Changes from all commits
Commits
Show all changes
3 commits
Select commit Hold shift + click to select a range
c60501f
Rewrite 11.2-angular process for replacing encrypted disk.
a-stjohn Sep 3, 2019
8ed7622
Update userguide/storage.rst
a-stjohn Sep 4, 2019
9789565
update with feedback and further testing.
a-stjohn Sep 4, 2019
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
40 changes: 24 additions & 16 deletions userguide/storage.rst
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -410,6 +410,7 @@ it.
to separately back up disk master keys, it is usually not necessary
or useful.

.. _Encryption Options:

To manage the passphrase and keys on an encrypted pool, select the
pool name in
Expand Down Expand Up @@ -1789,22 +1790,29 @@ Replacing an Encrypted Disk
If the ZFS pool is encrypted, additional steps are needed when
replacing a failed drive.

First, make sure that a passphrase has been set using the instructions
in :ref:`Managing Encrypted Pools` **before** attempting to replace
the failed drive. Then, follow steps 1 and 2 as described above.
During step 3, there will be a prompt to enter and confirm the
passphrase for the pool. Enter this information, then click
:guilabel:`REPLACE DISK`.

Wait until resilvering is complete before
:ref:`restoring the encryption keys to the pool <Managing Encrypted Pools>`.
**Restore the encryption keys before the next reboot or access to
the pool will be permanently lost**.

#. Highlight the pool that contains the recently replaced disk
and click :guilabel:`Add Recovery Key` to save the new
recovery key. The old recovery key will no longer function, so it
can be safely discarded.
Ensure a :ref:`passphrase has been set <Encryption Options>`
**before** attempting to replace the failed drive. To replace a drive
in an encrypted pool,

#. Go to
:menuselection:`Storage --> Pools`. Locate the encrypted pool and
click
|ui-settings| :menuselection:`--> Status`.
Find the disk to replace and click
|ui-options| :menuselection:`--> Replace`.
Enter the passphrase that was set for the pool, then click
:guilabel:`REPLACE DISK`.

#. Click
|pool-lock| :menuselection:`--> Add Recovery Key`
and enter the root password to save the new recovery key. The old
recovery key will no longer function and can be safely discarded.

The pool can be rekeyed by clicking
|pool-lock| :menuselection:`--> Encryption Rekey`.

.. warning:: The pool passphrase is removed when the pool is
rekeyed.


.. _Removing a Log or Cache Device:
Expand Down