Signing; Nvsm Security; Secure Data Deletion; Prerequisites - Nvidia DGX A100 User Manual

‣
Each firmware class uses a unique encryption key.
‣
Firmware decryption is performed either by the same agent that performs signature check
or a more trusted agent in the same COT.
13.2.1.2. Signing
Explain what the concept is and why the reader should care about it in 50 words or fewer.
Concept definition.
13.2.1.3. NVSM Security
For information about security in NVSM, see
13.3. Secure Data Deletion
This section explains how to securely delete data from the DGX A100 system SSDs to
permanently destroy all the data that was stored there.
This process performs a more secure SSD data deletion than merely deleting files or
reformatting the SSDs.
13.3.1. Prerequisites
You need to prepare a bootable installation medium that contains the current DGX OS Server
ISO image.
Refer to the following content for more information:
‣
Obtaining the DGX A100 Software ISO Image and Checksum File
‣
Creating a Bootable Installation Medium
13.3.2. Instructions
Here are the instructions to securely delete data from the DGX A100 system SSDs.
1. Boot the system from the ISO image, either remotely or from a bootable USB key.
2. At the GRUB menu, select:
‣
(For DGX OS 4): 'Rescue a broken system' and configure the locale and network
information.
‣
(For DGX OS 5): 'Boot Into Live Environment' and configure the locale and network
information.
3. When prompted to select a root file system, choose Do not use a root file system and then
Execute a shell in the installer environment.
4. Log in.
5. Run the following command to identify the devices available in the system:
$ nvme list
If nvmecli is not installed, then install the CLI as follows and then run nvme list.
NVIDIA DGX A100
Configuring NVSM Security.
Security
DU-09821-001 _v01 | 78