blob: 064b38ae52189924ae8b7bd4d298f7b29fed0558 (
plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
|
#!/bin/sh
# activate hardware's mysterious black magic "ATA secure erase", to
# prepare for old drive disposal, or to reclaim used parts of an SSD
# which are otherwise inaccessible to the OS.
#
# point of having this script is simply to avoid typoing the device
# name or the cmds. should review script and wiki page each time use
# script.
#
# do NOT use for drives not connected directly to the SATA controller
# on the motherboard (such as drives connected by USB SATA adaptors)
#
# see: https://ata.wiki.kernel.org/index.php/ATA_Secure_Erase
set -e
set -x
# `hdparm -I` prints lots of facts about the device which can help
# confirm we're erasing the correct device and not our root partition.
# triple check it against lsblk, blkid, gparted etc.
device=""
! test -z "$device"
! ( mount | grep -q "$(basename $device)" )
# sudo scrub "$device" # in case the ATA secure erase actually just
# # bricks the device, first erase the device
# # without relying on its firmware, so we can just
# # go ahead and dispose of it if it does get
# # bricked.
# #
# # commented out because it is not clear to me
# # that scrub(1) can do anything meaningful to an
# # SSD; uncomment if wanted when running this script
sudo hdparm -I "$device" | grep -q "not frozen"
sudo hdparm --user-master u --security-set-pass Eins "$device"
! ( sudo hdparm -I "$device" | grep -q "not enabled" )
# drive may not support --security-erase-enhanced and so might need to
# change following line to use --security-erase
date
sudo time hdparm --user-master u --security-erase-enhanced Eins "$device"
date
sudo hdparm -I "$device" | grep -q "not enabled"
|
