Gentoo Forums
Gentoo Forums
Gentoo Forums
Quick Search: in
Securely erasing NVMe
View unanswered posts
View posts from last 24 hours

 
Reply to topic    Gentoo Forums Forum Index Kernel & Hardware
View previous topic :: View next topic  
Author Message
apurkrt
Tux's lil' helper
Tux's lil' helper


Joined: 26 Feb 2011
Posts: 99
Location: Czechia, Europe

PostPosted: Sun Dec 22, 2019 8:04 am    Post subject: Securely erasing NVMe Reply with quote

Hello, I found this nice page about securely erasing (S)ATA disk (in fact, an SSD) and used it succesfully:

https://ata.wiki.kernel.org/index.php/ATA_Secure_Erase

Would somebody know about such howto/faq for NVMe? I have found sys-apps/nvme-cli, but "man nvme" does not say much.
Back to top
View user's profile Send private message
rufnut
Apprentice
Apprentice


Joined: 16 May 2005
Posts: 227

PostPosted: Sun Dec 22, 2019 10:23 am    Post subject: Reply with quote

Quote:

sys-apps/smartmontools


This reads my nvme drives but haven't looked into security or secure erase.

For secure erase on USB sticks I use:

Quote:

app-crypt/bcwipe


:)
Back to top
View user's profile Send private message
NeddySeagoon
Administrator
Administrator


Joined: 05 Jul 2003
Posts: 44945
Location: 56N 3W

PostPosted: Sun Dec 22, 2019 10:52 am    Post subject: Reply with quote

apurkrt,

Here be dragons.

All drives today use bad sector remapping. The idea is that the drive remaps failing sectors before they actually fail to avoid data being lost.
Once a sector has been abandoned, there is no access to it from the drive user interface but the data is still there.
How paranoid are you?

My view is that no modern HDD can be erased because its not possible to get at the now bad blocks. NVME is no different.

Code:
ID# ATTRIBUTE_NAME          FLAG     VALUE WORST THRESH TYPE      UPDATED  WHEN_FAILED RAW_VALUE
  5 Reallocated_Sector_Ct   0x0033   100   100   005    Pre-fail  Always       -       1
196 Reallocated_Event_Count 0x0032   100   100   000    Old_age   Always       -       2

If I was really nervous, I would replace that drive but the whole system is 10 years old and will get replaced "real soon now"
_________________
Regards,

NeddySeagoon

Computer users fall into two groups:-
those that do backups
those that have never had a hard drive fail.
Back to top
View user's profile Send private message
apurkrt
Tux's lil' helper
Tux's lil' helper


Joined: 26 Feb 2011
Posts: 99
Location: Czechia, Europe

PostPosted: Sun Dec 22, 2019 12:16 pm    Post subject: Reply with quote

NeddySeagoon wrote:
...
My view is that no modern HDD can be erased because its not possible to get at the now bad blocks. NVME is no different.
...


That is a good remark, thank you NeddySeagoon.

Though I was just looking for a proper way to erase ssd, and was told that dd if=/dev/zero of=<nvme> bs=16M (which I would do to clear a classic harddisk) is not such a good idea for ssd, that is why I am asking.

I have found some page with "nvme format" command, anybody has an experience with that?
Back to top
View user's profile Send private message
mike155
Veteran
Veteran


Joined: 17 Sep 2010
Posts: 1990
Location: Frankfurt, Germany

PostPosted: Sun Dec 22, 2019 1:27 pm    Post subject: Reply with quote

https://tinyapps.org/docs/nvme-secure-erase.html
Back to top
View user's profile Send private message
szatox
Veteran
Veteran


Joined: 27 Aug 2013
Posts: 1850

PostPosted: Sun Dec 22, 2019 1:28 pm    Post subject: Reply with quote

Are you going to reuse that drive or trash it?
You know.. In the latter case you could use the Force on that device. Or a hammer.
It's a quick way and I dare say totally unrecoverable :lol:
Back to top
View user's profile Send private message
apurkrt
Tux's lil' helper
Tux's lil' helper


Joined: 26 Feb 2011
Posts: 99
Location: Czechia, Europe

PostPosted: Sun Dec 22, 2019 2:09 pm    Post subject: Reply with quote

mike155 wrote:
https://tinyapps.org/docs/nvme-secure-erase.html


Thanks!

...and I definitely want to reuse the disk :)
Back to top
View user's profile Send private message
Hu
Moderator
Moderator


Joined: 06 Mar 2007
Posts: 14971

PostPosted: Sun Dec 22, 2019 5:56 pm    Post subject: Reply with quote

If you are reusing it, and plan to retain physical control of it, do you even need a secure erase? In my opinion, the main use case for secure erase is that you are giving up control of the drive (RMA, sell/gift to someone, or throwing it in the trash) and don't want the next recipient to have access to its data. If you're keeping the drive for yourself, no one will have the opportunity to explore it, so all you need is a clear sufficient to make it ready for use. That level of clear is probably just removing/rebuilding the partition tables / filesystems, and let the old data sit in blocks marked as "unused." Only root or someone with physical access can get at the blocks at that point, and anyone with that level of access can also get at the blocks that have your new in-service data too.
Back to top
View user's profile Send private message
apurkrt
Tux's lil' helper
Tux's lil' helper


Joined: 26 Feb 2011
Posts: 99
Location: Czechia, Europe

PostPosted: Sun Dec 22, 2019 6:22 pm    Post subject: Reply with quote

The intention was to give it away, hence I wanted to clear it.
Back to top
View user's profile Send private message
Display posts from previous:   
Reply to topic    Gentoo Forums Forum Index Kernel & Hardware All times are GMT
Page 1 of 1

 
Jump to:  
You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot vote in polls in this forum