Good morning everyone,
I'm looking for some help to retrieve data in a scenario where I might have made a big mistake. I'm hoping to understand what I did wrong.
My system is made of two Solaris 11 Express servers. The first if for data and the second is for backups.
On the first, I created zfs filesystems with encryption turned on (tank/Documents). To make things easy, I used "keysource=passphrase,file:///zfs_key", then I copied the file to the second server in the same path.
In order to do my backups, I used zfs send & mbuffer to send the whole zpool (all the zfs' filesystems). Normally, this would work fine for both encrypted and unencrypted volumes. Except the last time I did this, I did not mount the encrypted filesystem and I ran send & receive without getting any errors, until I rebooted the backup server and tried to access the data (mount the filesystem).
For some reason I do not understand, I always get an "invalid key" error. The weird thing is the "keysource" in the backup system is still the same as the source and the "zfs_key" is the same. I thought that when you send&receive encrypted filesystem the "key" was automatically generated on the receiving system using the "keysource" mentioned here, but there seems to be something fundamentally different when the filesystem is not mounted. (For example scrub of encrypted zfs filesystem give errors when it is not mounted)
I would like to know where is the valid key in such a scenario? and/or what happened?
Thank you for giving me your opinion on the subject.
Best Regards,
RN