If you set up hardware encryption, be sure to change the master password and set the security level to maximum.
Be aware, this password is different than the Physical Secure ID (PSID) printed on the front of the disk. PSIDs are used when the release to reset command doesn’t work, typically due to key issues, and the drive gets “locked”.
You use the PSID to run a revert to factory defaults command, unlocking the drive. Since this triggers the drive to release its’ key, the drive is considered “cryptographically erased” when you do this.
If you revert the drive, data on it is unrecoverable.
If you’re going to revert a drive, I suggest using a QR Code reader to get the PSID off the drive. Some venders are sadists with the font they choose making it so much fun to figure out if it’s a 1, l i I I O or 0…
It sounds like the article is an update to the age old performance issue discussions between hardware and software RAID solutions.
If you use a software solution for anything where there’s a dedicated hardware solution, the software solution is always slower due to CPU overhead.
Article recommendation boils down to: If you’re going to use encryption, and you want your full disk speed, use a hardware encryption solution. In their test their hardware supported OPAL.
No, they don’t.
SSDs, unless you buy a specifically encryption supported drive, are not encrypted. If it doesn’t indicate SED, SED non-FIPS or a FIPS certification level, the drive doesn’t have an encryption circuit.
Most of SSD already has good encryption methods
Unless you purchase a SED-non FIPS or FIPS SSD, no, they don’t
and an easy way to safely wipe data without re-writing each byte.
ATA Secure Erase is a god send for SSD.
It went from Columbus to Georgia, think the redline is to show the level of stupid. Shipping history, since he was kind enough to provide the USPS tracking number in his screenshot:
¯\(ツ)/¯\ you dropped this
Another vote for TrueNAS core here. Have been running it for a couple of years with no major issues.
Thank you for the info on this, will be using it going forward.
Not sure if you did this on purpose, or if something else did it as part of editing, but your bulleted steps included an en dash (–) instead of two short dashes (–).
Have had issues in the past with that, generally with WYSIWYG type editors combining your – into either – or —.
mkdir /mnt/iso
sudo mount -o loop /path_to_iso/filename.iso /mnt/iso
Eve Online where, as long as you’re not telling your victim to use real world money to buy things before you scam them, anything goes.
Going to try to get to the forge and do some blacksmithing
Using zone minder with reolink cameras. I’ve been happy with it so far.