Managing the DGX A100 Self-Encrypting Drives
NVIDIA DGX A100 DU-09821-001 _v01|34
‣
-k: Lets you create the vault password in the command.
Otherwise, the software will prompt you to create a password before proceeding.
‣
-f: Lets you specify a JSON file that contains a mapping of passwords to drives.
Refer to “Example 1: Passing in the JSON File” for further instructions.
‣
-g: Generates random salt values (stored in /etc/nv-disk-encrypt/.dgxenc.salt) for
each drive password.
Salt values are characters added to a password for enhanced password security. NVIDIA
strongly recommends using this option for best security, otherwise the software will use a
default salt value instead of a randomly generated one.
‣
-r: Generates random passwords for each drive.
This avoids the need to create a JSON file or the need to enter a password one by one
during the initialization.
6.5. Enabling Drive Locking
After initializing the system for SED management, issue the following command, which uses
the nv-disk-encrypt command to enable drive locking.
$ sudo nv-disk-encrypt lock
After initializing the system and enabling drive locking, the drives will become locked when
they lose power. The system will automatically unlock each drive when power is restored to
the system and the system is rebooted.
6.6. Initialization Examples
This section provides some initialization examples.
6.6.1. Example 1: Passing in the JSON File
The following instructions in this section describe a method to specify the drive/password
mapping ahead of time. This method is useful for initializing several drives at a time and avoids
the need to enter the password for each drive after issuing the initialization command, or if you
want control of the passwords.
Refer to the following for more information:
‣
Determining Which Drives Can be Managed as Self-Encrypting
‣
Creating the Drive/Password Mapping JSON Files and Using it to Initialize the System
To Next Page
Loading...
Need help?
General
