Versions Compared

Version Old Version 3 New Version Current
Changes made by

Niko Puruskainen

Niko Puruskainen

Saved on

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

...

  1. Download RESCUE64.img.gz image from the sedutil page
  2. Decompress the Rescue system
    1. Linux: gunzip RESCUE64.img.gz
    2. Windows: Use 7-Zip
  3. Transfer the Rescue image to the USB stick
    1. Linux: dd if=RESCUE64.img of=/dev/sdX
    2. Windows: Use Win32DiskImager to write the image to the USB stick
  4. Boot the USB stick.
  5. You will see the login prompt, enter "root" there is no password and you will get a root shell prompt

  6. Check for TCG Enterprise compliant drives using

    Code Block
    sedutil-cli --scan

    Output will look like this

    Code Block
    Scanning for Opal compliant disks
/dev/sda    E SAS ST600MP0015      NT03

  7. Check Locking status of the drive using 

    Code Block
    sedutil-cli --query

    Output will look like this

    Code Block
    /dev/sda SAS ST600MP0015      NT03 SEAGATE
TPer function (0x0001)
    ACKNAK = N, ASYNC = N. BufferManagement = N, comIDManagement  = N, Streaming = Y, SYNC = Y
Locking function (0x0002)
    Locked = Y, LockingEnabled = Y, LockingSupported = Y, MBRDone = N, MBREnabled = N, MediaEncrypt = Y
Geometry function (0x0003)
    Align = N, Alignment Granularity = 1 (528), Logical Block size = 528, Lowest Aligned LBA = 0
Enterprise function (0x0100)
    Range crossing = Y, Base comID = 0x07fe, comIDs = 2

    If output shows "Locked = Y" then this drive shall be unlockedNote

  8. Note PSID on the drive label

    Image Modified
    Note that every drive has its own unique PSID!
  9. With the matching PSID the drive can be unlocked with following command, replace "sda" with the matching "sdX" number of the drive you want to unlock
    1. For HGST and Western Digital drives

      1. For TCG Enterprise drives

        Code Block
        sedutil-cli --PSIDrevertAdminSP PSIDpasswordPrintedOnLabel /dev/sda

      2. For TCG Opal/Pyrite/Ruby drives

        Code Block
        sedutil-cli –-yesIreallywanttoERASEALLmydatausingthePSID PSIDpasswordPrintedOnLabel /dev/sda

    2. For Seagate drives

      Code Block
      sedutil-cli –-yesIreallywanttoERASEALLmydatausingthePSID PSIDpasswordPrintedOnLabel /dev/sdX

  10. If multiple drives are used and to find the matching "sdX" and disk serial use following command

    Code Block
    find -L /sys/class/block -maxdepth 4 -name vpd_pg80 -exec cat {} \; -exec echo {} \;

    This will show a list of all connected drives, including the "sdX" and disk serial

    W461R3VJ /sys/class/block/sde/device/vpd_pg80

  11. Repeat these steps with all drives which need to be unlocked.

...