Does Linux support self-Encrypted Disk API?

linux api fde opal self-encrypting-drive

In this article it is shown how easy it is to bypass BIOS ATA passphrases, and it ends with that using the disks self-Encryption Disk (SED) API from within the OS would not give a performance hit. On Windows this API is called Microsoft eDrive. See here and here.

Does anyone know if Linux can communicate directly with the SED layer, so Linux handles the passphrase?


Solution 1:

I found GPL’d sedutil which allows managing SEDs at the "SED layer":

msed - Manage Self Encrypting Drives

This program and it's accompanying Pre-Boot Authorization image allow you to enable the locking in SED's that comply with the TCG OPAL 2.00 standard on bios machines.

The author of msed teamed up with Drive Trust Alliance to create a GPL’d enterprise solution:

I am joining forces with the Drive Trust Alliance (Drive-Trust-Alliance on GitHub) to bring the best possible open source SED tools to the community.

Related

Make Firefox cache a webpage so that I can view it without a reload after a restart
PDF: detect and crop multiple pages?
$f :\mathbb R \to \mathbb R$ be a bijective Lebesgue measurable function , then is $f^{-1}:\mathbb R \to \mathbb R$ Lebesgue measurable?
Asymptotic quality of rational approximations to $\pi$
Elementary proof of $f>0$ implies $\int f>0$?
How to integrate $\int \frac{\cos^m x}{\cos nx} \,\mathrm{d}x$
If $f$ is integrable, then I can bring continuous functions from above or below
Generalizing Determinants Through Multilinear Algebra and Immanants
An alternative proof for Bertrand's Postulate when $n \ge 36$
Sum of singular values of a matrix
BMO2 2017 Question 4 - Bobby's Safe
Theorem 6.16 in Baby Rudin: $\int_a^b f d \alpha = \sum_{n=1}^\infty c_n f\left(s_n\right)$