Disk wiping: Difference between revisions

From Notes to self
Jump to navigation Jump to search
← Older editNewer edit →
Verbovet (talk | contribs)
Bureaucrats, Interface administrators, Administrators
2,689 edits
No edit summary
No edit summary
Line 10: Line 10:
#Make sure the drive is not frozen and support "enhanced erase":
#Make sure the drive is not frozen and support "enhanced erase":
#:<code># camcontrol security adaX</code>
#:<code># camcontrol security adaX</code>
#:<code>[...]
<par>
#:<code>Security Option          Value</code>
[...]
#:<code>supported                yes</code>
Security Option          Value
#:<code>enabled                  no</code>
supported                yes
#:<code>drive locked              no</code>
enabled                  no
#:<code>security config frozen    no</code>
drive locked              no
#:<code>count expired            no</code>
security config frozen    no
#:<code>security level            high</code>
count expired            no
#:<code>enhanced erase supported  yes</code>
security level            high
#:<code>erase time                4 min</code>
enhanced erase supported  yes
#:<code>enhanced erase time      4 min</code>
erase time                4 min
#:<code>[...]</code>
enhanced erase time      4 min
[...]
</par>
#Set a user password (this password will be cleared on the next step, so the exact choice does not matter):
#Set a user password (this password will be cleared on the next step, so the exact choice does not matter):
#:<code># hdparm --user-master u --security-set-pass foo /dev/sdX</code>
#:<code># hdparm --user-master u --security-set-pass foo /dev/sdX</code>

Revision as of 20:15, 15 May 2026

  • To wipe an HDD by writing zeros to it:
# ddrescue -f /dev/zero /dev/addX
The average speed is above 100 MB/s, so 1 TB takes about 2-3 hours.
  1. Delete all partitions
  2. # sst delete --ssd <index>
The <index> can be found by using the command
# sst show --ssd
  • To wipe a SSD by the ATA Security Erase command:
  1. Make sure the drive is not frozen and support "enhanced erase":
    # camcontrol security adaX

<par> [...] Security Option Value supported yes enabled no drive locked no security config frozen no count expired no security level high enhanced erase supported yes erase time 4 min enhanced erase time 4 min [...] </par>

  1. Set a user password (this password will be cleared on the next step, so the exact choice does not matter):
    # hdparm --user-master u --security-set-pass foo /dev/sdX
  2. Issue the ATA Secure Erase command:
    # hdparm --user-master u --security-erase foo /dev/sdX
  3. Check that security is disabled:
    # hdparm -I /dev/sdX
    [...]
    Security:
    Master password revision code = 65534
    supported
    not enabled
    not locked
    not frozen
    not expired: security count
    supported: enhanced erase
    3min for SECURITY ERASE UNIT. 3min for ENHANCED SECURITY ERASE UNIT.
    [...]
Retrieved from "https://alik.ejik.org/index.php?title=Disk_wiping&oldid=2747"