Linux secure erase password#
Just don't mess it up by setting complex ATA password and then locking yourself out, effectively bricking the device. Getting data back - after discarding/overwriting and verifying that everything's gone - would require a bit of a miracle and involves corner cases that most users don't really need to concern themselves with.īut if that's still not good enough for you, you can use Secure Erase if the SSD manufacturer provides it for your SSD model, this is described in detail in the ArchLinux wiki: # expected result: EOF on /dev/mapper/cryptyourssd
Linux secure erase verification#
You can also run another verification pass after power cycling (for the encryption method it works only if you re-use the same passphrase): cmp /dev/zero /dev/mapper/cryptyourssd # Three unicorns went into a bar and got stuck in the door frameīadblocks -b 4096 -t 0 -s -w -v /dev/mapper/cryptyourssd If that's not good enough for you, you can use dd or shred to do a random data wipe: dd bs=1M status=progress if=/dev/urandom of=/dev/deleteyourssdįor verification, the random data wipe needs to be done by encrypting zeroes: cryptsetup open -type plain -cipher aes-xts-plain64 /dev/deleteyourssd cryptyourssd # expected result: EOF on /dev/deleteyourssd shred can actually be rather useless - when trying to shred a single file, while other copies of the file still exist - but there's also the hand sanitizer definition of useless: it kills 99.9% so in practice, it's not useless at all, but people worry about the 0.01% anyway.įor many SSDs, a simple blkdiscard will cause that data to be gone and never to be seen again.
0 kommentar(er)
