1SEDUTIL-CLI(8)               sedutil-cli man page               SEDUTIL-CLI(8)
2
3
4

NAME

6       sedutil-cli - util to manage TCG Opal 2.0 self encrypting drives
7
8

SYNOPSIS

10       sedutil-cli <-v> <-n> <action> <options> <device>
11
12

DESCRIPTION

14       sedutil-cli  is a utility to manage self encrypting drives that conform
15       to the Trusted Computing Group (TCG) OPAL 2.0 SSC specification.
16
17       In  Linux  libata.allow_tpm  must  be  set  to  1.  Either  via  adding
18       libata.allow_tpm=1  to  the  kernel  flags at boot time or changing the
19       contents of /sys/module/libata/parameters/allow_tpm to a from a "0"  to
20       a "1" on a running system.
21
22

OPTIONS

24   General Options
25       -v (optional)
26              increase verbosity, one to five v's
27
28       -n (optional)
29              no  password  hashing.  Passwords  will  be sent in clear
30              text!
31
32
33   Actions
34       --scan Scans the devices on the system identifying Opal  compli‐
35              ant devices
36
37       --query <device>
38              Display the Discovery 0 response of a device
39
40       --isValidSED <device>
41              Verify whether the given device is SED or not
42
43       --listLockingRanges <password> <device>
44              List all Locking Ranges
45
46       --listLockingRange <0...n> <password> <device>
47              List all Locking Ranges, 0 = GLobal 1..n  = LRn
48
49       --eraseLockingRange <0...n> <password> <device>
50              Erase a Locking Range, 0 = GLobal 1..n  = LRn
51
52       --setupLockingRange  <0...n>  <RangeStart>  <RangeLength> <pass‐
53       word> <device>
54              Setup a new Locking Range, 0 = GLobal 1..n  = LRn
55
56       --initialSetup <SIDpassword> <device>
57              Setup the device for use with sedutil,  <SIDpassword>  is
58              new SID and Admin1 password
59
60       --setSIDPassword <SIDpassword> <newSIDpassword> <device>
61              Change the SID password
62
63       --setAdmin1Pwd <Admin1password> <newAdmin1password> <device>
64              Change the Admin1 password
65
66       --setPassword  <oldpassword,  " for MSID> <userid> <newpassword>
67       <device>
68              Change the Enterprise password for userid,  "EraseMaster"
69              or "BandMaster<n>", 0 <= n <= 1023
70
71       --setLockingRange <0...n> <RW|RO|LK> <Admin1password> <device>
72              Set the status of a Locking Range, 0 = GLobal 1..n  = LRn
73
74       --enableLockingRange <0...n> <Admin1password> <device>
75              Enable a Locking Range, 0 = GLobal 1..n  = LRn
76
77       --disableLockingRange <0...n> <Admin1password> <device>
78              Disable a Locking Range, 0 = GLobal 1..n  = LRn
79
80       --setMBREnable <on|off> <Admin1password> <device>
81              Enable|Disable MBR shadowing
82
83       --setMBRDone <on|off> <Admin1password> <device>
84              set|unset MBRDone
85
86       --loadPBAimage <Admin1password> <file> <device>
87              Write <file> to MBR Shadow area
88
89       --revertTPer <SIDpassword> <device>
90              set  the  device back to factory defaults.  This **ERASES
91              ALL DATA**
92
93       --revertNoErase <Admin1password> <device>
94              deactivate the Locking SP without  erasing  the  data  on
95              GLOBAL RANGE *ONLY*
96
97       ----yesIreallywanttoERASEALLmydatausingthePSID <PSID> <device>
98              revert  the  device  using the PSID.  *ERASING* *ALL* the
99              data
100
101       --printDefaultPassword <device>
102              print MSID
103
104

EXAMPLES

106       sedutil-cli --scan
107       sedutil-cli --query /dev/sdc
108       sedutil-cli --yesIreallywanttoERASEALLmydatausingthePSID <PSIDALLCAPSNODASHED> /dev/sdc
109       sedutil-cli --initialSetup <newSIDpassword> /dev/sdc
110
111

BUGS

113       Sleep (S3) is not supported.
114
115

AUTHOR

117       The tool was developed by Bright  Plaza  Inc.  <drivetrust@driv‐
118       etrust.com>.  This  man  page  was  written  by Jan Luca Naumann
119       <j.naumann@fu-berlin.de>.
120
121
122
1230.12                              18 Feb 2016                   SEDUTIL-CLI(8)
Impressum