Hello all,
I am using also at home Proxmox for some VMs and stuff, and also have a ZFS storage set up with Samba for my personal files. Works very well and I also have of course a backup, even to an external site.
Now I wonder. This year I migrated my datasets over to a encrypted setup, i.e. my personal files and stuff is using ZFS encryption with a key file. The idea behind this is that, in case I need to replace a disk, I can simply throw the disks without worrying about personal data on it. I have, so far, never had any problems with the ZFS encryption.
However, now a few months after I set this all up, I read a bit more about it. In the first place I thought the ZFS encryption is somehow production ready, but I see there are lots of bugs, even serious one which can lead to data loss. So I wonder if I should again move away from my encrypted datasets. I mean, the Nextcloud files are anyways accessible on the internet, and as long as the server is running, the datasets are all unlocked anyways, it really only helps when disks are replaced. So I wonder if just this small advantage justifies dealing with the potential ZFS bugs that could lead to loss of my personal files.
What do you do? do you encrypt your personal data, or leave it as-is?
I am using also at home Proxmox for some VMs and stuff, and also have a ZFS storage set up with Samba for my personal files. Works very well and I also have of course a backup, even to an external site.
Now I wonder. This year I migrated my datasets over to a encrypted setup, i.e. my personal files and stuff is using ZFS encryption with a key file. The idea behind this is that, in case I need to replace a disk, I can simply throw the disks without worrying about personal data on it. I have, so far, never had any problems with the ZFS encryption.
However, now a few months after I set this all up, I read a bit more about it. In the first place I thought the ZFS encryption is somehow production ready, but I see there are lots of bugs, even serious one which can lead to data loss. So I wonder if I should again move away from my encrypted datasets. I mean, the Nextcloud files are anyways accessible on the internet, and as long as the server is running, the datasets are all unlocked anyways, it really only helps when disks are replaced. So I wonder if just this small advantage justifies dealing with the potential ZFS bugs that could lead to loss of my personal files.
What do you do? do you encrypt your personal data, or leave it as-is?