Hey! I appreciate any comments, I would like to encrypt my data using SSD native on disk encryption, change the key to a “dummy” key leaving the data hidden at rest, then later swap in the “correct” key and begin using the data again. I have taken a look at sedutil-cli and nvme-cli but I can’t see a way to change the MEK/DEK which I believe are they keys I need to swap in and out.
Is this possible?
You must log in or register to comment.
What are you using to encrypt the drive? Gonna depend on that’s ability to rekey but that’s a pretty standard feature with PKI.
I know in LUKS it’s very possible.