Disk wiping: Difference between revisions

From Notes to self
Jump to navigation Jump to search
← Older edit
Verbovet (talk | contribs)
Bureaucrats, Interface administrators, Administrators
2,627 edits
No edit summary
No edit summary
 
(35 intermediate revisions by the same user not shown)
Line 1: Line 1:
* To wipe an HDD by writing zeros to it:
* To wipe an HDD by writing zeros to it:
 
:<code># ddrescue --force /dev/zero /dev/sdX</code>
:<code># dd if=/dev/zero of=/dev/sdX iflag=nocache oflag=direct bs=4M</code>
:The average speed is above 100 MB/s, so 1 TB takes about 2-3 hours.
 
* To wipe an [http://ark.intel.com/products/family/83425/Data-Center-SSDs Intel Data Center SSD] by the Intel Memory and Storage Tool:
:The average speed is about 100 MB/s, so 1 TB takes about 3 hours.
#Delete all partitions
 
#<code># intelmas delete -intelssd ''#''</code>
:To print transfer statistics (to stderr):
::The index ''#'' can be found by using the command
 
::<code># intelmas show -intelssd</code>
:<code># killall -USR1 dd</code>
* To wipe a SSD by the [https://ata.wiki.kernel.org/index.php/ATA_Secure_Erase ATA Security Erase] command:
 
#Make sure the drive is not frozen, support "enhanced erase" and <code>hdparm</code> prints "[number]min for SECURITY ERASE UNIT":
* To wipe a SSD by the ATA Security Erase command:
#:<code># hdparm -I /dev/sdX
 
#:[...]
#Make sure the drive is not frozen and support "enhanced erase":
#:Security:  
<code># hdparm -I /dev/sdX
#::        Master password revision code = 65534
:[...]
#::                supported
:Security:  
#::        not    enabled
::        Master password revision code = 65534
#::        not    locked
::                supported
#::        <span style="background:#ffff00">not    frozen</span>
::        not    enabled
#::        not    expired: security count
::        not    locked
#:::                <span style="background:#ffff00">supported: enhanced erase</span>
::        <span style="background:#ffff00">not    frozen</span>
#::        3<span style="background:#ffff00">min for SECURITY ERASE UNIT</span>. 3min for ENHANCED SECURITY ERASE UNIT.
::        not    expired: security count
#:[...]</code>
:::                <span style="background:#ffff00">supported: enhanced erase</span>
#Set a user password (this password will be cleared on the next step, so the exact choice does not matter):
::        3<span style="background:#ffff00">min for SECURITY ERASE UNIT</span>. 3min for ENHANCED SECURITY ERASE UNIT.
#:<code># hdparm --user-master u --security-set-pass foo /dev/sdX</code>
:[...]
#Issue the ATA Secure Erase command:
Check that <code>hdparm</code> prints "XXXmin for SECURITY ERASE UNIT".
#:<code># hdparm --user-master u --security-erase foo /dev/sdX</code>
 
#Check that security is disabled:
 
#:<code># hdparm -I /dev/sdX
[[Category: Debian GNU/Linux]]
#:[...]
#:Security:
#::        Master password revision code = 65534
#:::                supported
#::        <span style="background:#ffff00">not    enabled</span>
#::        not    locked
#::        not    frozen
#::        not    expired: security count
#:::                supported: enhanced erase
#::        3min for SECURITY ERASE UNIT. 3min for ENHANCED SECURITY ERASE UNIT.
#:[...]</code>
[[Category: Linux]]
[[Category: Hardware]]

Latest revision as of 19:51, 22 June 2021

  • To wipe an HDD by writing zeros to it:
# ddrescue --force /dev/zero /dev/sdX
The average speed is above 100 MB/s, so 1 TB takes about 2-3 hours.
  1. Delete all partitions
  2. # intelmas delete -intelssd #
The index # can be found by using the command
# intelmas show -intelssd
  1. Make sure the drive is not frozen, support "enhanced erase" and hdparm prints "[number]min for SECURITY ERASE UNIT":
    # hdparm -I /dev/sdX
    [...]
    Security:
    Master password revision code = 65534
    supported
    not enabled
    not locked
    not frozen
    not expired: security count
    supported: enhanced erase
    3min for SECURITY ERASE UNIT. 3min for ENHANCED SECURITY ERASE UNIT.
    [...]
  2. Set a user password (this password will be cleared on the next step, so the exact choice does not matter):
    # hdparm --user-master u --security-set-pass foo /dev/sdX
  3. Issue the ATA Secure Erase command:
    # hdparm --user-master u --security-erase foo /dev/sdX
  4. Check that security is disabled:
    # hdparm -I /dev/sdX
    [...]
    Security:
    Master password revision code = 65534
    supported
    not enabled
    not locked
    not frozen
    not expired: security count
    supported: enhanced erase
    3min for SECURITY ERASE UNIT. 3min for ENHANCED SECURITY ERASE UNIT.
    [...]
Retrieved from "https://alik.ejik.org/index.php?title=Disk_wiping&oldid=2063"