[CentOS] self-encrypting drives

Leonard den Ottolander leonard at den.ottolander.nl
Sun Sep 23 13:54:48 EDT 2012


Hello Paul,

On Wed, 2012-09-19 at 09:37 -0700, Paul Heinlein wrote:
> Management of Full Disk Encryption (FDE) drives is usually handled in 
> BIOS or via central Windows application.

I also expected unlocking at boot to be handled by the BIOS/UEFI, but
according to
http://www.trustedcomputinggroup.org/resources/commonly_asked_questions_and_answers_on_selfencrypting_drives it is actually the drive that boots a mini OS/pre boot loader that asks the user for the password and passes the actual MBR back to the BIOS after the drive gets unlocked. Nifty.

Regards,
Leonard.

-- 
mount -t life -o ro /dev/dna /genetic/research




More information about the CentOS mailing list