Manage the Self Encryption Drive Authentication Key (SED AK)
For ThinkEdge SE360 V2 with SED installed, the SED AK can be managed in Lenovo XClarity Controller. After setting up the server or making changes to the configuration, backing up the SED AK is a must operation to prevent data loss in the hardware failure case.
SED Authentication Key (AK) Manager
Log in to Lenovo XClarity Controller web interface, and go to to manage the SED AK.
System Lockdown Mode is in Active state. SED AK is locked until the system is activated or unlocked. See Activate or unlock the system to activate or unlock the system.
Current user does not have the authority to manage SED AK.
- To generate, backup, and recover the SED AK with passphrase or backup file, the role of XCC user should be Administrator.
- To recover the SED AK from automatic backup, the role of XCC user should be Administrator+.
SED encryption
The status of SED encryption can be changed from Disabled to Enabled. Complete the following process to enable SED encryption.
Press Enabled button.
Select the SED AK generation method:
Generate key using Passphrase: Set the password and re-enter it for the confirmation.
Generate key randomly: A Random SED AK will be generated.
Press Apply button.
- Once SED encryptoin is Enabled, it cannot be changed back to Disabled.
- When SED encryption is enabled, rebooting the system is required after installing a drive; without rebooting, the drive will not be recognized by the host OS.
Change the SED AK
Generate key using Passphrase: Set the password and re-enter it for the confirmation. Click Re-generate to get the new SED AK.
Generate key randomly: Click Re-generate to get a Random SED AK.
Backup the SED AK
Set the password and re-enter it for the confirmation. Click Start Backup to backup the SED AK; then, download the SED AK file and store it safely for future use.
If you use the backup SED AK file to restore a configuration, the system will ask for the password that you set here.
Recover the SED AK
Recover SED AK using Passphrase: Use the password that was set in Generate key using Passphrase to recover the SED AK.
Recover SED AK from Backup file: Upload the backup file generated in Backup the SED AK mode and enter the corresponding backup file password to recover the SED AK.
Recover SED AK from Automatic backup: After system board replacement, use automatic backup to recover the SED AK for the installed SED.
NoteTo recover the SED AK from automatic backup, the role of XCC user should be Administrator+.