In Symantec Encryption Management Server (formerly PGP Universal) environments with the appropriate policy, Whole Disk Recovery Tokens (WDRTs) are created automatically when a disk, partition, or removable disk is whole disk encrypted. They are sent to the Management Server, managing security for the disk or partition when they are created.
WDRTs can be used to access the disk or partition in case the passphrase or authentication token is lost. Once a WDRT is used, it cannot be used again, and another WDRT would need to be retrieved from the Management Server.
This article details the steps to authenticate a disk via the command line using a WDRT.
For example, to decrypt disk 2 with a WDRT, use: pgpwde --disk 2 --decrypt --rt 91J56-ZGYE1-25F06-HUT4V-CQUK2-YJE