Opal 2 SSD with pureboot

Good morning, i am looking to see if anyone has tried doing Opel2 with pureboot, i am not sure its posable do to the PBA (pre boot authenticator).
this seems like somthing that should be supported by something like pureboot as its one more layer.
any info would be greatly appreciated if no one has tried it ill swap out the nvme in my librum 14 and give it a go but dont want to waste my time if it cant be done lol

You may have to ask Purism directly whether either of the boot firmware choices has support for Opal.

I think in the open source world, disk hardware encryption is considered a “bad thing” because it is not auditable and other similar or related issues. For all you know the disk firmware could be implementing the identity function for encryption or using something a bit more subtle but deliberately flawed or …

I understand that if you are using disk hardware encryption in conjunction with e.g. LUKS then the disk hardware encryption doesn’t hurt.

i was planning on runing luks on top of it figured my drive has this why not use it and just add a layer at no cost,
i wouldnt want to lose heads and the checks it does for boot

PS just sent an email to support for the first time in 30 years of IT lol

1 Like

they got back to me and it would need to be a custom solution. so i am thinking ill take a crack at it but its been 20 years since i worked on any kind of boot loaders lol, at least there is a linux kernel loaded already so should be too hard right?

1 Like

Provided that you only hardware encrypt an LBA range that corresponds to the root partition, not the boot partition?