Closed philfry closed 1 year ago
Okay, nevermind. The cause for this issue is the bootcmd. To solve this, download the UEFI PBA image and gunzip it. Then:
losetup -o 1048576 -f UEFI64.img
mount /dev/loop0 /mnt
sed -i 's/ acpi=off.*//' /mnt/EFI/boot/syslinux.cfg
umount /mnt
losetup -d /dev/loop0
sedutil-cli --loadPBAimage yourpassphrase UEFI64.img /dev/whatever
Hey @philfry, did you also have to disable Secure Boot?
Hi @sunknudsen – no, it works fine with secure boot enabled.
Hi all,
I have a Samsung 990 Pro 1TB m.2 ssd on an MSI Pro Z790-P wifi board which doesn't offer setting a hard disk password, like almost no desktop mainboard does. So I was trying to setup a pba to make use of the disk encryption.
I started with booting the rescue image and followed the instructions from https://github.com/Drive-Trust-Alliance/sedutil/wiki/Encrypting-your-drive. As
sedutil-cli --initialsetup debug /dev/nvme0
failed with a permission error I did a reversion of the psid usigsedutil-cli --PSIDrevert bunchofcharacters /dev/nvme0
which worked fine. I was able to complete the guide without any further errors. UEFI64 1.20.0 is now installed.After a poweroff and -on, the pba booted and asked for a password. Two things came up here:
is OPAL NOT LOCKED
orNOT OPAL
, says Starting OS and hangs.is OPAL Unlocked
), then it says Starting OS and … nothing. It just hangs. No keyboard reaction, no leds flashing or whatever.I started the rescue image again and was able to unlock the disk using
Also I was able to
fdisk -l
the disk and access at least the efi partition (the rescue image doesn't include many tools). Also when I press the reset button the disk stays unlocked and boots my OS without problems. So I guess the data was not harmed during the psid reversion.fwiw:
hdparm --security-unlock mypassword /dev/sd{a,b}
)Any clues on what I can try to make the pba boot my OS?