How to assign authentication key to FIPS drive or SED
Applies to
- ONTAP 9
- Onboard Key Manager (OKM)
- External Key Manager (EKM)
- Self-Encrypting Drive (SED)
- Federal Information Processing Standards (FIPS)
Description
- This article describes how to assign an authentication key to a FIPS drive or SED.
- A self-encrypting drive is protected from unauthorized access only if its authentication key ID is set to a non-default value.
- The manufacturer secure ID (MSID), which has key ID 0x0, is the standard default value for SAS drives.
- For NVMe drives, the standard default value is a null key, represented as a blank key ID.
- When you assign the key ID to a self-encrypting drive, the system changes its authentication key ID to a non-default value.