Is native encryption ready for production use?

I don’t understand the negativity either. I’m sure people have their reasons for speaking out against native encryption in zfs. I think it would be really helpful to see some references to recent / unsolved bugs regarding native encryption that aren’t really obscure edge-cases (Im not aware of any).

I’ve used it for a year or longer on my home server since it was introduced. I remember there was that kernel thing that killed encryption performance (sorry I can’t be bothered to look that up right now). Apart from that never had an issue. After a migration of the pool I didn’t see the point of using encryption on a home server, so I removed it. But then again, I’m just one example and I don’t really do weird things - at least not on my home server! :upside_down_face:

As a matter of fact I am in the process of setting up another server which will run as offsite storage via a wireguard vpn. I will definitely use encryption at rest on it as I will be backing up to it and possibly sending over snapshots etc.