Other can't enable LTO hardware encryption


New Member

Reaction score: 1
Messages: 1

Does anyone have tape drive hardware encryption working on freebsd?

I have an HP LTO-5 tape drive. Unencrypted read/writes and toggling compression with mt works, but enabling encryption doesn't. I compiled stenc, which does have ifdef's for freebsd sg, but no matter what I try I get either an error for 0x19 or 0x16 from ioctl ("inappropriate ioctl for device") when I try to set a key. I've tried 128 and 256bits, with and without -a 1 (key index). I've tried various devices, including /dev/sa0, nsa0, sa0.ctl, and /dev/pass0 (which says I don't have permission, despite the fact I'm root - no jails or anything funny). sg_logs -a /dev/sa0 works fine.

(Unrelated note to others who find this in search: you must manually enable the drive's write buffer every power cycle, and possibly after an sg* tools, with this command: camcontrol cmd /dev/nsa0 -c '15 10 00 00 04 00' -o 4 '0 0 10 0' -- or write performance is terrible and it will shoe shine.)