3.3 KiB
Raw Permalink Blame History

source : Linsomniac's Articles - Encrypting ZFS on Ubuntu 20.04

encrypt - Unbuntu 20.04 full ZFS install

Here we are going to install Ubuntu 20.04 in almost full zfs updating zsys-setup to permit zfs encryption. Read bellow articles to understand why 2 differerent pools and full implementation.

initial boot and ssh

Boot the Ubuntu 20.04 Desktop installer/live CD.
Click the “Try Ubuntu” button.
launch a terminal.

set a passwd to root to permit remote ssh

$ sudo su
## passwd
New password :
Retype new passord :
passwd: password updated successfully

Install ssh to simplfy configuration edit.

## apt install ssh

Edit /etc/ssh/sshd_config to Enable PermitRootLogin change prohibit-password to yes like bellow.

#PermitRootLogin prohibit-password
PermitRootLogin yes
service ssh restart

find yout IP with : ip a

then connect remotely with : ssh

update zsys-setup to enable zfs encryption on rpool

The zsys-setup script is here : /usr/share/ubiquity/zsys-setup

bpool remain unencrypt.

Search for “zpool create”, and make sure you have found the create command that has “rpool” on the last line.

Before the “zpool create” insert: echo MYPASSWORD |

Before the last line of the command insert these lines:

-O recordsize=1M \
-O encryption=aes-256-gcm \
-O keylocation=prompt \
-O keyformat=passphrase \


you may be interrested if you are on a laptop in : right fit swap for laptop hibernation Ubuntu 20.04 full ZFS install

start installation

Run ubiquity to start the installer and install as normal, selecting “Use entire disk” and the option to use ZFS.

questions to be solves

  • what happen if zpool passwd is not given at boot shutdown ?
  • find a way to shut it down pass a delay