-
Notifications
You must be signed in to change notification settings - Fork 62
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
unclear reset procedure for a DIMM with lost passphrase #154
Comments
@problame - I'd like to ask some clarifying questions:
If you used ndctl to enable security, ndctl writes the key blobs in If you used the passphrase feature in the BIOS, you'll need to know that passphrase (User and/or Master). There is no recovery option for a forgotten Master passphrase. Your only recourse is to replace the PMem. If you only set and forgot your User passphrase, you can perform a secure erase from the BIOS. The option is only enabled if you did not set a Master passphrase. All the data will be lost, but this will allow you to reprovision the PMem. |
Thanks, that's very helpful.
Good to know. Is there some reason inherent to PMEM for this? It seems like a pretty severe usability issue to say the least. |
I believe the module would already need to be unlocked for the set dimm command to succeed. |
It is unclear to me to how I would use either ndctl or impctl to "reset" a DIMM for which I have lost the passphrase.
Some docs seem to suggest the following command:
But that command is only available if ipmctl is built with
#ifndef OS_BUILD
.With standard CMAKE settings (no flags), invoking the command results in the following error:
It would be helpful to have documentation on how a DIMM for which the passphrase / key was lost can be resetted.
The text was updated successfully, but these errors were encountered: