Which command should you use to create a ZFS encrypted file system named pool1/encrypt using the /mykey keystore?

You have already generated a 256-bit AES raw key and named the keystore file /mykey. You need
to use the key to create an encrypted file system.
Which command should you use to create a ZFS encrypted file system named pool1/encrypt using
the /mykey keystore?

You have already generated a 256-bit AES raw key and named the keystore file /mykey. You need
to use the key to create an encrypted file system.
Which command should you use to create a ZFS encrypted file system named pool1/encrypt using
the /mykey keystore?

A.
zfs create-oencryption = /mykey pool1/encrypt

B.
zfs create-oencryption = 256-ccm-okeysource = raw, file : ///my key pool1/encrypt

C.
zfs create-oencryption = AES keysource = /mykey pool1/encrypt

D.
zfs create-oencryption = on keystore = /mykey pool1/encrypt

Explanation:
Example: Encrypting a ZFS File System by Using a Raw Key
In the following example, an aes-256-ccm encryption key is generated by using the pktool
command and is written to a file, /cindykey.file.
# pktool genkey keystore=file outkey=/cindykey.file keytype=aes keylen=256
Then, the /cindykey.file is specified when the tank/home/cindy file system is created.
# zfs create -o encryption=aes-256-ccm -o keysource=raw,file:///cindykey.file tank/home/cindys
Reference: Oracle Solaris ZFS Administration Guide,Examples of Encrypting ZFS File Systems

Show Hint

Leave a Reply 3

Your email address will not be published. Required fields are marked *