# Rearranging encrypted drives causes data loss



## jjthomas (Aug 1, 2015)

A few months ago, I lost the ability to log into my encrypted drive.  It was as though my password quit working.  I recall that I had move some of the drives around.  When I could no longer decrypt my disk, I put, I believe, everything back in the same ports as they were when I initially installed FreeBSD.  I was never 100% sure if I got every drive in the correct (SATA) port.  Nor, was I able to determine if I had done something to cause me to lose my ability to decrypt the disk.  I did try some recovery, but I could not get my data back.  I had recent backups, so I install Linux.

Recently, I did another FreeBSD (10.1) installation (Automatic root-on-ZFS encryption).  I moved my drives around and, again, I lost the ability to decrypt my root partition.  Since I was preparing my computer for PC-BSD installation, with an hour old backup, I simply let it go.  PC-BSD did not work out for me, I'm back to FreeBSD.

I have another computer that runs FreeBSD with MythTV.  It has never had a problem.  I've run it both with, and without, root-on-ZFS encryption.  I dropped the encryption to simplify unattended rebooting.

So my question is, why would moving a hard drive to a different port keep it from decrypting?  Is there a file I should be backing up?  I know when I do whole drive encryption under Slackaware, when I move my drives around, I need to run `mkinitrd` so the system can find the new root location.  Is there something similar in FreeBSD?

Thank you.

-JJ


----------



## SirDice (Aug 1, 2015)

ZFS doesn't care in what order the drives are, it'll find the correct ones regardless. Geli however is a different matter and depending on how you encrypted the drives it's possible you're trying to decrypt drive 1 with the key for drive 2 for example. Have you used the same key for all drives or does each drive have its own key?


----------



## jjthomas (Aug 1, 2015)

I only had the root drive encrypted.


----------

