Micron 5400 Shows No for Opal compliant

[adambmedent]

Hey all, trying to encrypt some Micron 5400 SSD's which are SED TCG Enterprise SSC compliant but not Opal. Does sedutil have the ability to work with these drives? Appreciate the input!

[adambmedent]

Figured I would include the output as well.

root@debtestprox:~/sedutil/Release_x86_64# ./sedutil-cli --scan Scanning for Opal compliant disks /dev/sda No Micron_5400_MTFDDAK7T6TGA D4MU802 /dev/sdb No Micron_5400_MTFDDAK7T6TGA D4MU802 /dev/sdc No Micron_5400_MTFDDAK7T6TGA D4MU802 /dev/sdd No Micron_5400_MTFDDAK7T6TGA D4MU802 /dev/sde No Micron_5400_MTFDDAK7T6TGA D4MU802 /dev/sdf No Micron_5400_MTFDDAK7T6TGA D4MU802 /dev/sdg No Micron_5400_MTFDDAK7T6TGA D4MU802 /dev/sdh No Micron_5400_MTFDDAK7T6TGA D4MU802 /dev/sdi No Micron_5400_MTFDDAK7T6TGA D4MU802 /dev/sdj No Micron_5400_MTFDDAK7T6TGA D4MU802 /dev/sdk No Micron_5400_MTFDDAK7T6TGA D4MU802 /dev/sdl No Micron_5400_MTFDDAK7T6TGA D4MU802 /dev/sdm No Micron_5400_MTFDDAK7T6TGA D4MU802 /dev/sdn No Micron_5400_MTFDDAK7T6TGA D4MU802 /dev/sdo No Micron_5400_MTFDDAK7T6TGA D4MU802 /dev/sdp No Micron_5400_MTFDDAK7T6TGA D4MU802 /dev/sdq No Micron_5400_MTFDDAK7T6TGA D4MU802 /dev/sdr No Micron_5400_MTFDDAK7T6TGA D4MU802 /dev/sds No Micron_5400_MTFDDAK7T6TGA D4MU802 /dev/sdt No Micron_5400_MTFDDAK7T6TGA D4MU802 /dev/sdu No Micron_5400_MTFDDAK7T6TGA D4MU802 /dev/sdv No Micron_5400_MTFDDAK7T6TGA D4MU802 /dev/sdw No Micron_5400_MTFDDAK7T6TGA D4MU802 /dev/sdx No Micron_5400_MTFDDAK7T6TGA D4MU802 /dev/sdy No Micron_5400_MTFDDAK7T6TGA D4MU802 /dev/sdz No Micron_5400_MTFDDAK7T6TGA D4MU802

[Blacklands]

In theory sedutil should support TCG Enterprise drives, I think? Maybe not all of them. Maybe only a subset of commands.

Have you tried to send some commands to the drive in question? What does the --query command return? Does it also say that the drive is unsupported?

Is this an internal drive or connected via USB? Not all USB solutions can pass the SED commands through properly. Also, is this a SATA drive?

I think with some drives the SED functionality might need to be enabled first before it's available. I don't know if this could be done via some software from Micron themselves. Actually, sometimes there is also the opposite problem, if you enable encryption in the vendor's software it actually makes that unavailable to sedutil. That's the case with Samsung drives I think.

Sometimes a PSID revert might also make the other SED stuff available? I think that's a security measure against ransomware and the like. You could try that (if it even works). That's all I can think of right now. I haven't personally used an Enterprise drive yet, only regular consumer OPAL drives.

Also, are you on the latest firmware for the drive already? If not, updating the firmware might help.

[Blacklands]

One more question, those are a lot of drives, I assume this is a server? How are the drives connected? Via a backplane? Is there an HBA card somewhere in the chain? I wonder if something in the chain might be interfering. If that's the case, after trying everything else, it could be useful to try connecting the drive directly to the motherboard without anything in between, if that's possible, and checking if that helps.

[adambmedent]

They are connected via a JBOD and HBA card.

They are all on the latest firmware.

If I run a query it comes back as unsupported.

root@debtestprox:~# ./sedutil-cli --query /dev/sda Invalid or unsupported disk /dev/sda

[adambmedent]

Well I am a ding dong, after speaking with micron support, they do make a 7.68TB 5400 that is non SED.