Disk wiping: Difference between revisions

From Notes to self
Jump to navigation Jump to search
← Older editNewer edit →
Verbovet (talk | contribs)
Bureaucrats, Interface administrators, Administrators
2,689 edits
No edit summary
No edit summary
Line 7: Line 7:
::The <code><index></code> can be found by using the command
::The <code><index></code> can be found by using the command
::<code># sst show --ssd</code>
::<code># sst show --ssd</code>
* To wipe a SSD by the [https://ata.wiki.kernel.org/index.php/ATA_Secure_Erase ATA Security Erase] command:
* To wipe a SSD by the ATA Security Erase command:
#Make sure the drive is not frozen, support "enhanced erase" and <code>hdparm</code> prints "[number]min for SECURITY ERASE UNIT":
#Make sure the drive is not frozen and support "enhanced erase":
#:<code># hdparm -I /dev/sdX
#:<code># camcontrol security adaX
#:[...]
#:[...]
#:Security:
#:Security Option          Value
#::        Master password revision code = 65534
#:supported                 yes
#::                supported
#:enabled                   no
#::        not    enabled
#:drive locked             no
#::        not    locked
#:security config frozen   no
#::        <span style="background:#ffff00">not    frozen</span>
#:count expired             no
#::        not    expired: security count
#:security level            high
#:::               <span style="background:#ffff00">supported: enhanced erase</span>
#:enhanced erase supported  yes
#::        3<span style="background:#ffff00">min for SECURITY ERASE UNIT</span>. 3min for ENHANCED SECURITY ERASE UNIT.
#:erase time               4 min
#:enhanced erase time      4 min
#:[...]</code>
#:[...]</code>
#Set a user password (this password will be cleared on the next step, so the exact choice does not matter):
#Set a user password (this password will be cleared on the next step, so the exact choice does not matter):

Revision as of 20:09, 15 May 2026

  • To wipe an HDD by writing zeros to it:
# ddrescue -f /dev/zero /dev/addX
The average speed is above 100 MB/s, so 1 TB takes about 2-3 hours.
  1. Delete all partitions
  2. # sst delete --ssd <index>
The <index> can be found by using the command
# sst show --ssd
  • To wipe a SSD by the ATA Security Erase command:
  1. Make sure the drive is not frozen and support "enhanced erase":
    # camcontrol security adaX
    [...]
    Security Option Value
    supported yes
    enabled no
    drive locked no
    security config frozen no
    count expired no
    security level high
    enhanced erase supported yes
    erase time 4 min
    enhanced erase time 4 min
    [...]
  2. Set a user password (this password will be cleared on the next step, so the exact choice does not matter):
    # hdparm --user-master u --security-set-pass foo /dev/sdX
  3. Issue the ATA Secure Erase command:
    # hdparm --user-master u --security-erase foo /dev/sdX
  4. Check that security is disabled:
    # hdparm -I /dev/sdX
    [...]
    Security:
    Master password revision code = 65534
    supported
    not enabled
    not locked
    not frozen
    not expired: security count
    supported: enhanced erase
    3min for SECURITY ERASE UNIT. 3min for ENHANCED SECURITY ERASE UNIT.
    [...]
Retrieved from "https://alik.ejik.org/index.php?title=Disk_wiping&oldid=2743"