Open UtilFunction opened 1 month ago
Would this be something different to the HSM support we've had since v2.5.0?
Yes, these two are not related. HSMs basically only deal with authentication and the handling of keys. Self encrypting drives perform encryption autonomously and hence without overhead on the host's CPU which is considerable even with AES-NI.
Cryptsetup has been supporting hardware encryption with TCG Opal-compliant drives since version 2.7.0. The forthcoming version 41 of the Fedora installer will also support this functionality. It is possible to utilise either hardware encryption only, or in conjunction with software encryption by incorporating a straightforward flag.
It would be nice to have this option within archinstall.