Unlocking Encrypted ZFS Volumes with a Passkey
Read OriginalThis article addresses the challenge of managing encryption keys for ZFS native encryption. It compares common approaches (typing a passphrase via SSH or storing a key in plaintext) and introduces Revaulter v2, a tool that uses WebAuthn passkeys to derive encryption keys in the browser. The setup allows users to approve ZFS dataset unlocks from their phone via a webhook notification, with end-to-end encryption ensuring the server never sees the plaintext key. The article includes technical details on the encryption scheme and practical steps for implementation.
0 comments
Comments
No comments yet
Be the first to share your thoughts!
Browser Extension
Get instant access to AllDevBlogs from your browser
Top of the Week
No top articles yet