ZFS Encryption Guide: Native Encryption Done Right
ZFS has had native encryption since OpenZFS 0.8: not ZFS stacked on top of LUKS, but per-dataset encryption inside the file system itself, with raw send/receive so backups never have to be decrypted. Here's the 2026 practical guide.
Short version
ZFS native encryption is per-dataset (not per-pool). Encrypted and unencrypted datasets can coexist in the same pool. Backups via zfs send -w (raw send) stay encrypted, so the data never leaves the pool in plaintext; a plain zfs send without -w produces a plaintext stream and needs the key loaded. Performance impact: roughly 5-15% on modern CPUs with hardware AES instructions.
Setup on TrueNAS Scale
- Storage → Pools → Add Dataset
- Encryption: Enabled
- Encryption Standard: AES-256-GCM (default)
- Key Format: Hex or Passphrase. Hex is a random 256-bit key exported as a file; Passphrase is a human-memorable secret that ZFS stretches into the key with PBKDF2. Passphrase is easier to handle, a random hex key cannot be weak or guessed.
- Generate Key: download the key as a JSON file and store it securely (password manager such as Bitwarden, safe). Without this file or the passphrase the data is unrecoverable.
- Dataset is ready to use
CLI setup (Linux ZFS)
zfs create -o encryption=aes-256-gcm -o keyformat=passphrase tank/secret
# passphrase is prompted and confirmed; keylocation defaults to "prompt"
# the new dataset is created with its key loaded and is mounted right away
zfs unmount tank/secret
zfs unload-key tank/secret   # remove the key from RAM; data is inaccessible until reloaded
zfs load-key tank/secret     # prompts for the passphrase again
zfs mount tank/secret        # mounting only works once the key is loaded (zfs mount -l does both steps)
Key management
Four approaches:
Manual passphrase. keylocation=prompt: the passphrase is asked for at boot (or whenever zfs load-key runs). Most secure, since nothing stored on the machine can unlock the data, but a headless NAS stays locked after every reboot until someone types it in.
Keyfile. Raw or hex key in a file (the JSON export in TrueNAS; keylocation=file:///path on the CLI), read automatically at boot. If the file lives on the NAS itself, the encryption only protects against drives being taken without the boot disk; keeping it on a USB stick plugged in only at boot is stronger but tricky for a headless NAS.
Network unlock (Tang/Clevis). At boot the NAS talks to a Tang server on the LAN and recovers the key through the Tang exchange; Tang never stores the key itself. Auto-unlock while the NAS is on the home LAN, no unlock while Tang is unreachable (the data is not lost, it just stays locked). Not built into ZFS or TrueNAS: it needs a boot-time script that feeds the recovered key to zfs load-key. Complex setup.
TPM-based. On hardware with TPM 2.0 the key can be sealed to the TPM and unsealed automatically at boot, bound to the measured boot state. Only on local boot. Hardware-bound: drives moved to a different machine can't be decrypted. Caveat: a stolen machine as a whole still boots and unlocks itself, so the OS login and the PCR policy become the real perimeter.
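A keyfile workflow end to end, added here as an example (it is not code from the article or from TrueNAS) that also covers the CLI steps above: generate a 256-bit hex key, create a dataset bound to it, unlock it at boot, and run the restore drill from a backup copy of the key rather than the live file. The pool name tank, the dataset tank/secret and the path /etc/zfs/keys are assumptions.

```bash
#!/bin/sh
# Added example (not from the article): hex keyfile workflow for ZFS native
# encryption. "tank/secret" and /etc/zfs/keys/tank-secret.hex are assumed names.
set -eu

KEYDIR=/etc/zfs/keys
DATASET=tank/secret
KEYFILE="$KEYDIR/tank-secret.hex"

# 32 random bytes rendered as 64 hex digits, which is what keyformat=hex
# expects for aes-256-*. Prints to stdout only; nothing is written yet.
generate_hex_key() {
    od -An -tx1 -N32 /dev/urandom | tr -d ' \n'
}

# Sanity check before anything trusts a key file: exactly 64 hex digits.
# Returns 0 if valid, 1 otherwise.
validate_hex_key() {
    key=$(tr -d '\n' < "$1")   # tolerate a trailing newline, nothing else
    printf '%s' "$key" | grep -Eq '^[0-9a-fA-F]{64}$'
}

# Write the key root-only and flush it to disk before a dataset depends on it.
install_keyfile() {
    umask 077
    mkdir -p "$KEYDIR"
    generate_hex_key > "$KEYFILE"
    validate_hex_key "$KEYFILE" || { echo "bad key file" >&2; return 1; }
    sync
}

# Create the dataset bound to the key file. ZFS reads the key from
# keylocation at load time; the key itself never becomes a dataset property.
create_dataset() {
    zfs create \
        -o encryption=aes-256-gcm \
        -o keyformat=hex \
        -o keylocation="file://$KEYFILE" \
        "$DATASET"
}

# What an unlock-at-boot unit does: load the key from keylocation and mount,
# in one step, for this dataset only (prompt-based datasets would block here).
unlock() {
    zfs mount -l "$DATASET"
}

# Restore drill: prove that the *backup copy* of the key (e.g. pulled back
# from the password manager) opens the dataset, not just the live file.
drill_restore() {
    backup_copy=$1
    validate_hex_key "$backup_copy"
    zfs unmount "$DATASET"
    zfs unload-key "$DATASET"
    zfs load-key -L "file://$backup_copy" "$DATASET"   # -L overrides keylocation once
    zfs mount "$DATASET"
    [ "$(zfs get -H -o value keystatus "$DATASET")" = "available" ]
}

case "${1:-}" in
    setup)  install_keyfile && create_dataset ;;
    unlock) unlock ;;
    drill)  drill_restore "$2" ;;
esac
```

Run it as `sh keyfile.sh setup` once, `sh keyfile.sh unlock` from a boot unit, and `sh keyfile.sh drill /path/to/restored-copy.hex` for the quarterly test; keystatus "available" after the drill is the pass criterion.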
Performance impact
Modern x86 CPUs with AES-NI (and ARM cores with the ARMv8 crypto extensions): roughly 5-15% IOPS reduction. Older or budget ARM CPUs without hardware AES: 50-70% reduction, which is why encrypted shares on cheap ARM NAS boxes (entry-level Synology models included) are slow. Check for the "aes" flag in /proc/cpuinfo, then test with fio before going into production.
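An A/B fio comparison, added as an example (not the article's own procedure): two otherwise identical datasets on the same pool, one encrypted, with the ARC told not to cache file data so that decryption cost on reads is not hidden by RAM. The pool name, the dataset names, the key file path and the use of jq to read fio's JSON output are assumptions.

```bash
#!/bin/sh
# Added example (not part of the article): encrypted vs plain dataset benchmark
# with fio. Pool "tank", dataset names, key file and jq are assumed.
set -eu

POOL=tank
KEYFILE=/etc/zfs/keys/fiotest.hex   # assumed: any 64-hex-digit key file

# Does the CPU advertise AES instructions? Reads cpuinfo-style text from the
# file given (default /proc/cpuinfo); x86 lists "flags", ARM lists "Features".
has_aes_ni() {
    grep -Eq '^(flags|Features)[[:space:]]*:.*[[:space:]]aes([[:space:]]|$)' "${1:-/proc/cpuinfo}"
}

# Percentage drop from baseline IOPS to encrypted IOPS, one decimal place.
pct_drop() {
    awk -v base="$1" -v enc="$2" 'BEGIN { printf "%.1f\n", (base - enc) / base * 100 }'
}

# Two identical datasets. compression=off isolates the crypto cost;
# primarycache=metadata stops the ARC from serving already-decrypted blocks.
make_datasets() {
    zfs create -o compression=off -o primarycache=metadata "$POOL/fio-plain"
    zfs create -o compression=off -o primarycache=metadata \
        -o encryption=aes-256-gcm -o keyformat=hex -o keylocation="file://$KEYFILE" \
        "$POOL/fio-enc"
}

# 4k random 70/30 read/write for 60 s; prints "<read_iops> <write_iops>".
bench() {
    dir=$(zfs get -H -o value mountpoint "$1")
    fio --name=randrw --directory="$dir" --rw=randrw --rwmixread=70 \
        --bs=4k --size=4G --iodepth=32 --ioengine=libaio --numjobs=4 \
        --time_based --runtime=60 --group_reporting --output-format=json \
      | jq -r '.jobs[0] | "\(.read.iops) \(.write.iops)"'
}

compare() {
    has_aes_ni || echo "warning: no AES instructions reported, expect a large penalty" >&2
    set -- $(bench "$POOL/fio-plain") $(bench "$POOL/fio-enc")
    echo "read  IOPS: plain=$1 enc=$3 drop=$(pct_drop "$1" "$3")%"
    echo "write IOPS: plain=$2 enc=$4 drop=$(pct_drop "$2" "$4")%"
}

cleanup() {
    zfs destroy -r "$POOL/fio-plain"
    zfs destroy -r "$POOL/fio-enc"
}

case "${1:-}" in
    setup) make_datasets ;;
    run)   compare ;;
    clean) cleanup ;;
esac
```

A drop well outside the 5-15% band on a CPU that reports "aes" usually means something else is in play (recordsize mismatch with the workload, sync writes, a saturated pool), so compare the two numbers on the same pool at the same time rather than against a figure from a spec sheet.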
Encrypted send/receive
Game-changer: zfs send -w (raw send) ships the dataset's blocks as they sit on disk, still encrypted, so the receiver never needs the key and the backup server only ever sees ciphertext. Restore by receiving the stream back onto the original or a new pool and loading the original key or passphrase there. Caveat: sending an encrypted dataset without -w produces plaintext that the receiver re-encrypts with its own key, and from then on raw incrementals to that copy are no longer possible, so pick raw from the first send and stay with it.
zfs send -w tank/secret@snap | ssh backup zfs receive backup/secret
Cloud backups get the same ciphertext: write the raw stream to a file (zfs send -w tank/secret@snap > secret.zfs) and upload it with rclone to Backblaze B2, or pipe it straight in with rclone rcat. The provider never holds anything it could read.
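The incremental version of the backup above, added as an example (not the article's script): take a new snapshot, find the newest snapshot both sides already have, send only what is newer, raw, and check on the receiver that the dataset arrived encrypted with no key loaded. tank/secret, the host backup and backup/secret are the article's names; the snapshot naming scheme and the ssh setup are assumptions.

```bash
#!/bin/sh
# Added example (not from the article): incremental raw replication of an
# encrypted dataset to a host that never holds the key.
set -eu

SRC=tank/secret
DST_HOST=backup
DST=backup/secret

# Snapshot names of a dataset, oldest first, without the "dataset@" prefix.
# $2 is an optional command prefix such as "ssh backup" to list the far side.
list_snaps() {
    ${2:-} zfs list -H -t snapshot -o name -s creation -d 1 "$1" | sed 's/.*@//'
}

# Newest snapshot present in both lists (newline-separated, oldest first).
# Prints it, or returns 1 when nothing is shared and a full send is needed.
last_common_snap() {
    common=""
    for s in $1; do
        if printf '%s\n' "$2" | grep -Fxq -- "$s"; then common=$s; fi
    done
    [ -n "$common" ] && printf '%s\n' "$common"
}

# Timestamped snapshot (assumed naming scheme); prints the bare name.
take_snapshot() {
    snap="auto-$(date -u +%Y%m%d-%H%M%S)"
    zfs snapshot "$SRC@$snap"
    printf '%s\n' "$snap"
}

# The receiver should report the dataset as encrypted with no key loaded;
# anything else means plaintext leaked or the wrong stream type was used.
verify_receiver() {
    set -- $(ssh "$DST_HOST" zfs get -H -o value encryption,keystatus "$DST")
    case "${1:-}:${2:-}" in
        aes-*:unavailable) echo "ok: $DST on $DST_HOST is ciphertext only" ;;
        *) echo "unexpected receiver state: encryption=${1:-?} keystatus=${2:-?}" >&2; return 1 ;;
    esac
}

replicate() {
    new=$(take_snapshot)
    src_snaps=$(list_snaps "$SRC")
    dst_snaps=$(list_snaps "$DST" "ssh $DST_HOST" 2>/dev/null || true)
    if base=$(last_common_snap "$src_snaps" "$dst_snaps"); then
        # -w keeps the blocks encrypted; -I also carries every snapshot between
        # base and new. Once a copy was received raw, keep every incremental raw.
        zfs send -w -I "@$base" "$SRC@$new" | ssh "$DST_HOST" zfs receive -u "$DST"
    else
        zfs send -w "$SRC@$new" | ssh "$DST_HOST" zfs receive -u "$DST"
    fi
    verify_receiver
}

case "${1:-}" in
    run) replicate ;;
esac
```

zfs receive -u leaves the received dataset unmounted, which is what you want on a box that has no key anyway; the keystatus check at the end is the cheap proof that the backup host really is holding ciphertext only.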
Common mistakes
- Lost key = lost data. There is no recovery path; key backup is mandatory, in more than one place.
- Encryption inheritance: child datasets inherit encryption from the parent and share its key (the parent is their encryption root); a child of an encrypted dataset cannot be unencrypted. Decide consciously where in the hierarchy encryption starts.
- Snapshots of an encrypted dataset are encrypted too; restoring from them needs the key. Not hidden by native encryption: dataset and snapshot names, sizes and most properties stay in plaintext, so don't put anything sensitive in a dataset name.
Recommendation
For a NAS with sensitive data (taxes, business, crypto): enable native encryption. Key in the password manager plus a printed copy in the safe. Quarterly test restore: unlock a dataset from the backup copy of the key and read data back, rather than just checking that the key file still exists.
Further reading
Bitrot & ZFS Scrubbing: When Data Quietly Rots
ZFS vs ext4 vs Btrfs: Which File System for Your NAS?
Preventing Data Loss: Backup Strategies That Actually Work
Btrfs RAID 5/6: Why You Still Shouldn't Use It in Production in 2026