Disk wiping: Difference between revisions

From Notes to self
Jump to navigation Jump to search
← Older editNewer edit →
Verbovet (talk | contribs)
Bureaucrats, Interface administrators, Administrators
2,689 edits
No edit summary
No edit summary
Line 10: Line 10:
#Make sure the drive is not frozen and support "enhanced erase":
#Make sure the drive is not frozen and support "enhanced erase":
#:<code># camcontrol security adaX
#:<code># camcontrol security adaX
#:...
#:<code>[...]
#:Security Option          Value
#:<code>Security Option          Value</code>
#:supported                yes
#:<code>supported                yes</code>
#:enabled                  no
#:<code>enabled                  no</code>
#:drive locked              no
#:<code>drive locked              no</code>
#:security config frozen    no
#:<code>security config frozen    no</code>
#:count expired            no
#:<code>count expired            no</code>
#:security level            high
#:<code>security level            high</code>
#:enhanced erase supported  yes
#:<code>enhanced erase supported  yes</code>
#:erase time                4 min
#:<code>erase time                4 min</code>
#:enhanced erase time      4 min
#:<code>enhanced erase time      4 min</code>
#:...</code>
#:<code>[...]</code>
#Set a user password (this password will be cleared on the next step, so the exact choice does not matter):
#Set a user password (this password will be cleared on the next step, so the exact choice does not matter):
#:<code># hdparm --user-master u --security-set-pass foo /dev/sdX</code>
#:<code># hdparm --user-master u --security-set-pass foo /dev/sdX</code>

Revision as of 20:12, 15 May 2026

  • To wipe an HDD by writing zeros to it:
# ddrescue -f /dev/zero /dev/addX
The average speed is above 100 MB/s, so 1 TB takes about 2-3 hours.
  1. Delete all partitions
  2. # sst delete --ssd <index>
The <index> can be found by using the command
# sst show --ssd
  • To wipe a SSD by the ATA Security Erase command:
  1. Make sure the drive is not frozen and support "enhanced erase":
    # camcontrol security adaX
    [...]
    Security Option Value
    supported yes
    enabled no
    drive locked no
    security config frozen no
    count expired no
    security level high
    enhanced erase supported yes
    erase time 4 min
    enhanced erase time 4 min
    [...]
  2. Set a user password (this password will be cleared on the next step, so the exact choice does not matter):
    # hdparm --user-master u --security-set-pass foo /dev/sdX
  3. Issue the ATA Secure Erase command:
    # hdparm --user-master u --security-erase foo /dev/sdX
  4. Check that security is disabled:
    # hdparm -I /dev/sdX
    [...]
    Security:
    Master password revision code = 65534
    supported
    not enabled
    not locked
    not frozen
    not expired: security count
    supported: enhanced erase
    3min for SECURITY ERASE UNIT. 3min for ENHANCED SECURITY ERASE UNIT.
    [...]
Retrieved from "https://alik.ejik.org/index.php?title=Disk_wiping&oldid=2745"