6th January 2009

For contractual reasons I am currently unable to maintain any of my Open Source projects. I will remove or update this notice if and when that changes again. You are free to fork my projects under the provisions of their respective licensing terms, or contact me in case the license is not permissive enough for your purpose.

ATA Security

I have done some work on FreeBSD atacontrol(8) to support the ATA Security command set used for locking ATA drives with passwords. The command set is interesting because it includes commands to wipe the disk including bad blocks which would otherwise not be accessible for wiping from the operating system. Another benefit is the ability to freeze the security configuration as part of the boot process in order to prevent malicous ATA drive lockout.

ATA Security adds commands to password protect a drive. Normally, ATA Security is handled by the BIOS and the security configuration is frozen before the OS is loaded. However, some BIOSes do not freeze the security configuration. In such cases, atacontrol can be used to issue security commands to a device, for instance to unlock a device, set a password, disable password protection, to wipe the device or just to freeze the security configuration as part of the OS initialization process.

usage: atacontrol security <device> <security-command>:
atacontrol security <device>
atacontrol security <device> freeze
atacontrol security <device> set master
atacontrol security <device> set user high|maximum
atacontrol security <device> unlock master|user
atacontrol security <device> disable master|user
atacontrol security <device> erase master|user [enhanced]

Back to FreeBSD Contributions.