[CentOS] self-encrypting drives

Sun Sep 23 15:12:05 UTC 2012
Paul Heinlein <heinlein at madboa.com>

On Sun, 23 Sep 2012, Leonard den Ottolander wrote:

> As the interface for encrypting and locking an SED appears to be the 
> same as for locking a normal drive using the security commands from 
> hdparm should in theory work. This is assuming the BIOS pads 
> passwords that are smaller than 32 bytes the same way as hdparm 
> does, which is with NUL bytes.
> Hdparm currently only accepts passwords as strings, so if the BIOS 
> uses binary/hex strings for the password it could be problematic to 
> unlock the same drive with hdparm. It should be quite simple to 
> patch hdparm to accept hex strings as passwords though.
> I have used drive (un)locking with hdparm on USB drives so 
> (un)locking an external SED should be possible.

Interesting. I'd never investigated hdparm as a drive-password 
interface. I'll certainly keep that in mind.

Paul Heinlein <> heinlein at madboa.com <> http://www.madboa.com/