User Tools

Site Tools


notes:drive_wipe

This is an old revision of the document!


Tools

sudo zypper install 'nvme-cli' -y && sync
sudo apt install 'nvme-cli' -y && sync
sudo dnf install nvme-cli hdparm -y && sync

Suspend/Wake

  • Some motherboard firmware lock/freeze drives, and prevents some wipe commands from working
  • Unlocking drives can be done with a suspend and wake
  • :!: This applies to both SATA and NVMe drives
sync && systemctl suspend

lsblk

  • :!: Always check before running anything
  • :!: Assume nothing; all commands below are immediately destructive on the block device they're ran on
lsblk

EFI Variables

sudo rm -f '/sys/firmware/efi/efivars/'* || sync && sudo efibootmgr -v

Drive Wipe

nvme0

  • :!: This is using LBA Format 1 for native 4K sector size
sudo blkdiscard --force --verbose '/dev/nvme0n1' && sync && sudo nvme format '/dev/nvme0' --force --namespace-id='1' --lbaf='1' --reset --ses='1' --pil='0' --pi='0' --ms='0' && sudo rm -f '/sys/firmware/efi/efivars/'* || sync
sudo blkdiscard --force --verbose '/dev/nvme0n1' && sync
sudo nvme format '/dev/nvme0' --force --namespace-id='1' --lbaf='1' --reset --ses='1' --pil='0' --pi='0' --ms='0' && sync
sudo wipefs --all --force '/dev/nvme0n1'

nvme1

sudo blkdiscard --force --verbose '/dev/nvme1n1' && sync && sudo nvme format '/dev/nvme1' --force --namespace-id='1' --reset --ses='1' --pil='0' --pi='0' --ms='0' && sudo rm -f '/sys/firmware/efi/efivars/'* || sync
sudo blkdiscard --force --verbose '/dev/nvme1n1' && sync
sudo nvme format '/dev/nvme1' --force --namespace-id='1' --reset --ses='1' --pil='0' --pi='0' --ms='0' && sync
sudo wipefs --all --force '/dev/nvme1n1'

sda

sudo blkdiscard --force --verbose '/dev/sda' && sync && sudo hdparm --user-master u --security-set-pass 'x' '/dev/sda' && sudo hdparm --user-master u --security-erase 'x' '/dev/sda' && sudo hdparm --user-master u --security-set-pass 'x' '/dev/sda' && sudo hdparm --user-master u --security-erase-enhanced 'x' '/dev/sda' && sudo rm -f '/sys/firmware/efi/efivars/'* || sync
sudo blkdiscard --force --verbose '/dev/sda' && sync
sudo hdparm --user-master u --security-set-pass 'x' '/dev/sda' && sudo hdparm --user-master u --security-erase 'x' '/dev/sda' && sync
sudo hdparm --user-master u --security-set-pass 'x' '/dev/sda' && sudo hdparm --user-master u --security-erase-enhanced 'x' '/dev/sda' && sync
sudo wipefs --all --force '/dev/sda'

sdb

sudo blkdiscard --force --verbose '/dev/sdb' && sync && sudo hdparm --user-master u --security-set-pass 'x' '/dev/sdb' && sudo hdparm --user-master u --security-erase 'x' '/dev/sdb' && sudo hdparm --user-master u --security-set-pass 'x' '/dev/sdb' && sudo hdparm --user-master u --security-erase-enhanced 'x' '/dev/sdb' && sudo rm -f '/sys/firmware/efi/efivars/'* || sync
sudo blkdiscard --force --verbose '/dev/sdb' && sync
sudo hdparm --user-master u --security-set-pass 'x' '/dev/sdb' && sudo hdparm --user-master u --security-erase 'x' '/dev/sdb' && sync
sudo hdparm --user-master u --security-set-pass 'x' '/dev/sdb' && sudo hdparm --user-master u --security-erase-enhanced 'x' '/dev/sdb' && sync
sudo wipefs --all --force '/dev/sdb'

sdc

sudo blkdiscard --force --verbose '/dev/sdc' && sync && sudo hdparm --user-master u --security-set-pass 'x' '/dev/sdc' && sudo hdparm --user-master u --security-erase 'x' '/dev/sdc' && sudo hdparm --user-master u --security-set-pass 'x' '/dev/sdc' && sudo hdparm --user-master u --security-erase-enhanced 'x' '/dev/sdc' && sudo rm -f '/sys/firmware/efi/efivars/'* || sync
sudo blkdiscard --force --verbose '/dev/sdc' && sync
sudo hdparm --user-master u --security-set-pass 'x' '/dev/sdc' && sudo hdparm --user-master u --security-erase 'x' '/dev/sdc' && sync
sudo hdparm --user-master u --security-set-pass 'x' '/dev/sdc' && sudo hdparm --user-master u --security-erase-enhanced 'x' '/dev/sdc' && sync
sudo wipefs --all --force '/dev/sdc'

sdd

sudo blkdiscard --force --verbose '/dev/sdd' && sync && sudo hdparm --user-master u --security-set-pass 'x' '/dev/sdd' && sudo hdparm --user-master u --security-erase 'x' '/dev/sdd' && sudo hdparm --user-master u --security-set-pass 'x' '/dev/sdd' && sudo hdparm --user-master u --security-erase-enhanced 'x' '/dev/sdd' && sudo rm -f '/sys/firmware/efi/efivars/'* || sync
sudo blkdiscard --force --verbose '/dev/sdd' && sync
sudo hdparm --user-master u --security-set-pass 'x' '/dev/sdd' && sudo hdparm --user-master u --security-erase 'x' '/dev/sdd' && sync
sudo hdparm --user-master u --security-set-pass 'x' '/dev/sdd' && sudo hdparm --user-master u --security-erase-enhanced 'x' '/dev/sdd' && sync
sudo wipefs --all --force '/dev/sdd'

Sector Size

NVMe

sudo nvme id-ns '/dev/nvme0' --namespace-id='1' --human-readable
sudo smartctl --all '/dev/nvme0'

sda

sudo smartctl --all '/dev/sda1'

sudo hdparm --set-sector-size '4096' '/dev/sda'

/var/www/wiki/data/attic/notes/drive_wipe.1628853063.txt.gz · Last modified: 2021/08/13 07:11 by Sean Rhone