Edit 2017-12-29: Justin Smith, who'd read this post, had a discussion by email with me pointing out he'd had some problems with this process: namely, wiping appeared to complete, but then he could still find files present on the disk afterwards. I couldn't figure it out, but suggested Justin contacted hdparm's author, Mark Lord, for advice. Mark diagnosed the problem as the drive not being unmounted first:
Yes, you MUST unmount anything that got automounted, because stuff that is mounted gets periodically written to by the kernel (filesystem timestamps etc), which could account for some of the non-zero stuff you saw later.
Mark's suggestion for wiping the drive was as follows:
(1) Un-mount all partitions of the drive, including those that got auto-mounted. Then do "
(2) Set an empty password:
hdparm --security-set-pass NULL /dev/sdX
(3) Erase it:
hdparm --security-erase NULL /dev/sdX
Yesterday I was trying to erase a hard drive before I used it for a new install. It may well have never been used, but I couldn't remember and, for the sake of a few minutes, it seemed sensible to do so first.
The best way to erase, especially if the drive is a solid state drive, is to use the ATA Secure Erase command which I've mentioned before. This command should also work for most magnetic hard drives too, unless they're ancient.
Instead of just mentioning the tool, I've summarised the details from the lengthy page where I found them below, and discuss how to deal with "frozen" drives.
You can access hdparm by booting into, for example, an Ubuntu installation DVD or USB. Installing Linux isn't required: you can just "Try Ubuntu" instead which doesn't install anything at all.
First, the most sensible thing to do when erasing a drive is remove any drives other than those you wish to erase. It means even if you accidentally type the wrong thing that you won't erase a drive that you didn't intend to.
Next, you need to get the drive's name. Open a terminal by pressing Ctrl+Alt+T.
sudo lshw -class disk
This will show you details of the disk, including the name. Replace the
/dev/sdX in the commands below with that name.
Setting a password
The next task is to set a password. I'm not sure that you really need to do this, but the kernel.org guide advises it due to problems with certain PCs, and it only takes one extra command. Note that the "foo" password below can be replaced by something of your choice, but it doesn't really matter; when the drive is erased, the password should be removed.
$ sudo hdparm --user-master u --security-set-pass foo /dev/sdX security_password: "foo" /dev/sdX: Issuing SECURITY_SET_PASS command, password="foo", user=user, mode=high SECURITY_SET_PASS: Input/output error
Well, that error wasn't expected.
When I've used hdparm in this way previously, I haven't had a problem. You might expect it if the drive has a password set already, but in this case I couldn't recall doing that. If that's the same for you, it could be a simple fix. First, check the drive's current status via:
$ sudo hdparm -I /dev/sdX
and you may see "frozen", as opposed to "not frozen", in the "Security"
section of the
hdparm output. This means you can't change security
settings, so attempting to set a password fails.
In this case, the actual
is simple. Suspending the PC, then powering it back on should then give
you an unfrozen drive: you can check by running the
hdparm -I command
Now, if you retry setting a password, you should be able to run the
SECURITY_SET_PASS command without error. Also, rerunning the
-I command yet another time should show that a password is "enabled" as
opposed to "not enabled".
You can now proceed with the erase. If your drive's
supported: enhanced erase, you could replace the
--security-erase below with
$ sudo time hdparm --user-master u --security-erase foo /dev/sdX
After the erase, the password should be removed, and running the
-I command one final time should show that the password is "not