Skip to main content
NetApp Knowledge Base

How to assign authentication key to FIPS drive or SED

Last Updated:

Applies to

  • ONTAP 9
  • Onboard Key Manager (OKM)
  • External Key Manager (EKM)
  • Self-Encrypting Drive (SED)
  • Federal Information Processing Standards (FIPS) 


  • This article describes how to assign an authentication key to a FIPS drive or SED.
  • A self-encrypting drive is protected from unauthorized access only if its authentication key ID is set to a non-default value.
  • The manufacturer secure ID (MSID), which has key ID 0x0, is the standard default value for SAS drives.
  • For NVMe drives, the standard default value is a null key, represented as a blank key ID. 
  • When you assign the key ID to a self-encrypting drive, the system changes its authentication key ID to a non-default value.

Sign in to view the entire content of this KB article.

New to NetApp?

Learn more about our award-winning Support

NetApp provides no representations or warranties regarding the accuracy or reliability or serviceability of any information or recommendations provided in this publication or with respect to any results that may be obtained by the use of the information or observance of any recommendations provided herein. The information in this document is distributed AS IS and the use of this information or the implementation of any recommendations or techniques herein is a customer's responsibility and depends on the customer's ability to evaluate and integrate them into the customer's operational environment. This document and the information contained herein may be used solely in connection with the NetApp products discussed in this document.