![secure erase ssd linux secure erase ssd linux](https://techgage.com/wp-content/uploads/2013/07/GParted-Icon-Deepin.png)
If you're not going to be releasing the disks to a 3rd party, and you don't expect someone to be willing to spend $10,000+ to get your data (or have access to a lab with magnetic force microscopes), a single-pass wipe will be totally fine. The rest of this will almost certainly go against the grain of this sub, but I'm going to do the best I can to support my position with both examples and sources from people much smarter than me. The following doesn't really apply to SSDs. TL DR right up front: you probably don't need to do anything, assuming you're talking spinning disks. You can use VMware Fusion or VirtualBox, both work equally well for this purpose.It really depends on what you're protecting.
![secure erase ssd linux secure erase ssd linux](https://i0.wp.com/dellwindowsreinstallationguide.com/wp-content/uploads/2020/09/vlcsnap-2020-09-20-05h54m26s914.png)
This works perfectly even on the earliest Intel Mac, and won't slow the machine down any. Your drive will be completely wiped by its own firmware, without using any appreciable amount of USB bandwidth, CPU, nor drive's write endurance (for SSDs). Hdparm -user-master u -security-erase NULL /dev/sda Issue the following commands on sysrescuecd's console: hdparm -user-master u -security-set-pass NULL /dev/sda This storage device will be available as /dev/sda. Attach the drive to the VM.Įnsure that only one USB device is attached to the VM. The VM does not need a hard drive, and needs only 256 MB of RAM.īoot up the VM. Set up a new VM and attach systemrescuecd image to the virtual CD drive. I never got it working with USB 3 ports, due to bugs in Linux kernel. I've verified that the NexStar NST-D306S3 dock works great. I'll detail this last solution here.īuy a USB 2 or USB 3 hard drive enclosure.
Secure erase ssd linux driver#
OS X provides good userland access to any USB device, so if one wished to bundle hdparm with a USB storage driver, it'd be possible to use hdparm on USB-connected devices to perform secure erasure.Īlternatively, you could write a kernel driver to expose this functionality to the userland.įinally, you can use a virtual machine running linux, since both VMware Fusion and VirtualBox expose USB devices to the guest. Unforunately, there's no hdparm for OS X, since OS X doesn't provide any way for userland to send arbitrary SATA commands to the drive :( On Linux, the hdparm utility exposes this functionality to the user - see hdparm -security-help for details. These commands have the drive's firmware perform the erasure of the data. On those drives, and on SSDs, a secure erase should take 1-4 minutes (!).Īll modern drives support ATA Secure Erase commands. For drives with encryption support, it'll be almost instantaneous, as all the drive needs to do is to overwrite the encryption keys and the data becomes useless. The firmware-based secure delete can be much faster than sending zeroes to the drive, even on spinning platter drives. It'll also tax your CPU and USB subsystem with sending all those zeroes around.
Secure erase ssd linux mac#
If you're on an older Mac that has a poorly performing USB 2 ports, it'll take much longer than necesary. It sends the drive's capacity worth of zeroes over the drive's interface. It applies unnecessary wear to SSD drives. The problem with using Disk Utility or dd if=/dev/zero to erase a disk is that: