storage encryption disk revert-to-original-state
Revert a self-encrypting disk to its original, as-manufactured state
Availability: This command is available to cluster administrators at the admin privilege level.
Some self-encrypting disks (SEDs) are capable of an operation that restores them as much as possible to their as-manufactured state. The
storage encryption disk revert-to-original-state command invokes this special operation that is available only in SEDs that have the physical secure ID (PSID) printed on their labels.
The PSID is unique to each SED, meaning the command can revert only one SED at a time. The disk must be in a "broken" or "spare" state as shown by the output of the storage disk show command.
The operation in the SED accomplishes the following changes:
Sanitizes all data by changing the disk encryption key to a new random value
Sets the data authentication key (AK) and FIPS AK to the default values
Resets the data locking controls
Resets the power-on lock state to
Initializes other vendor-unique encryption-related parameters
The command releases the cluster shell after launching the operation. Monitor the output of the storage encryption disk show-status command for command completion.
When the operation is complete, it is possible to return the SED to service using the storage disk unfail command in
advanced privilege mode. To do so, you might also need to reestablish ownership of the SED using the storage disk assign command.
-disk <disk path name>- Disk Name
The name of the SED to be reverted to its as-manufactured state. See the man page for the
storage disk modifycommand for information about disk-naming conventions.
-psid <text>- Physical Secure ID
The PSID printed on the SED label.
The following command shows a SED being returned to its as-manufactured state:
cluster1::> storage encryption disk revert-to-original-state -disk 01.10.0 -psid AC65PYF8CG45YZABUQJKM98WV2VZGRLD