On Wed, 20 Aug 2014, Edward Ned Harvey (lopser) wrote:
From: [email protected]
[mailto:[email protected]] On Behalf Of Paul Heinlein
You (and others in this thread) mention software solutions, but you
might also look at self-encrypting hard drives. You'll want to
Google
How does this work? I guess you go into BIOS, you enable encryption
on the hard drive, which requires you to set a password. And then
BIOS must save the password? Or you have to type in the pass every
time the hard drive wakes up?
The disk encryption happens all the time. If you put a FDE drive into
your laptop, the bits always get encrypted before being written to
platter (or whatever).
The interesting stuff happens when you encrypt the firmware-based key,
using the BIOS "set disk password" functionality. I don't think the
BIOS saves the password; I think the key remains decrypted until the
machine is powered off.
My recollection is that you need to enter the disk password only after
a full shutdown, but I only provisioned these machines; I never used
them day-to-day. So I don't know if you need to enter password after a
period of laptop hibernation. I don't think so, but I can't really
remember.
--
Paul Heinlein
[email protected]
45°38' N, 122°6' W
_______________________________________________
Tech mailing list
[email protected]
https://lists.lopsa.org/cgi-bin/mailman/listinfo/tech
This list provided by the League of Professional System Administrators
http://lopsa.org/
