this post was submitted on 20 Jan 2025
46 points (96.0% liked)

Linux

49115 readers
924 users here now

From Wikipedia, the free encyclopedia

Linux is a family of open source Unix-like operating systems based on the Linux kernel, an operating system kernel first released on September 17, 1991 by Linus Torvalds. Linux is typically packaged in a Linux distribution (or distro for short).

Distributions include the Linux kernel and supporting system software and libraries, many of which are provided by the GNU Project. Many Linux distributions use the word "Linux" in their name, but the Free Software Foundation uses the name GNU/Linux to emphasize the importance of GNU software, causing some controversy.

Rules

Related Communities

Community icon by Alpár-Etele Méder, licensed under CC BY 3.0

founded 5 years ago
MODERATORS
[email protected]
[email protected]
[email protected]
[email protected]
[email protected]
[email protected]
46
What are common tools on Linux to wipe an HDD pre RMA? (lemmy.world)
submitted 2 days ago by [email protected] to c/[email protected]
37 comments fedilink hide all child comments
 

A Qnap NAS has a drive with some bad sectors, I want to RMA it, but before just want to figure out how to prepare a drive? It's part of a raid 5 setup of 4 drives unencrypted. So I want to remove it and wipe it. Got a Linux machine I can use, but never done this before.

What are common Linux tools to do that sensibly?

all 38 comments
sorted by: hot top controversial new old
[–] [email protected] 1 points 5 hours ago

dd if=/dev/zero of=/dev/(your drive)

You can do status=progress if you want like someone else posted and if you pick a block size go with either the physical block size reported by the disk in smartcontrol or some multiple of it that coincides with a big even division of your controllers memory. The drives physical block size will be “easy” for the drive, bigger blocks are faster.

People saying physical destruction are operating in a different world than you and people saying urandom or shred are operating off old (>30 years) information. The same technology that makes ssds unrecoverable black boxes was originally developed and deployed in spinning drives to eek out speed gains because the disk itself can be expected to know better than the operating system where to put shit and makes techniques (which were postulated but never actually implemented successfully in the wild) to recover overwritten data infeasible.

Alternately just reformat it and don’t worry. No one doing drive rmas cares about your data. They’re already on the razors edge with feedback and customer trust, you think they’re gonna burn their above board bread and butter to run a harvesting operation for a few bucks on the side? That’s usually the purview of your local pc repair shop…

[–] [email protected] 5 points 11 hours ago (1 children)

Since dipshits are down voting me for being right, I'll just leave this here

https://skeptics.stackexchange.com/questions/13674/is-it-possible-to-recover-data-on-a-zeroed-hard-drive

[–] [email protected] 1 points 11 hours ago

Thank you thats useful to know!

[–] [email protected] 9 points 1 day ago* (last edited 1 day ago) 
sudo dd if=/dev/urandom of=/dev/[sdx] bs=4096K status=progress

Or for multiple passes:

sudo shred -fzv /dev/[sdx]

Change [sdx] to the drive you want to wipe, make sure you double check it's the right one.

[–] [email protected] 23 points 2 days ago* (last edited 2 days ago)

shred

Can also be used from KDE Partition Manager.

Use LUKS encryption in the future.

[–] [email protected] 17 points 2 days ago

shred or alternatively you can zero out all the bytes in a drive with dd if=/dev/zero of=/dev/<DRIVE>

[–] [email protected] 10 points 2 days ago (3 children)

dd if=/dev/zero of=/dev/disk

[–] [email protected] 10 points 2 days ago (2 children)

I’d recommend /dev/urandom instead of /dev/zero

[–] [email protected] 7 points 1 day ago (1 children)

Use shred , it will automate multiple random passes, and finish with a zero pass.

[–] [email protected] -2 points 1 day ago (1 children)

Completely unnecessary. Overwriting the whole drive with zeros completely stops anyone from being able to recover anything

[–] [email protected] 6 points 1 day ago (2 children)

It won't stop "anyone", I've been lead to believe there are ways even after a single pass, to recover data. if I had anything to hide, I would use a physical destruction method, nothing else

[–] [email protected] 1 points 9 hours ago (1 children)

If you're that paranoid about it, then just physically destroy the drive.

[–] [email protected] 1 points 4 hours ago (1 children)

I work for an it department who resells their old stock online, we scrub the disks before sales, physical destruction is not possible.

[–] [email protected] 1 points 47 minutes ago

That's the companies decision and they should understand the risks.

[–] [email protected] -1 points 22 hours ago

This is a miss understanding. Deleting it doesn't actually delete the data, just the meta data. Overwrite it and it's gone forever

[–] [email protected] 1 points 2 days ago

Yeh, you're right

[–] [email protected] 0 points 1 day ago

This is what I was gonna say

[–] [email protected] 3 points 1 day ago

I like badblocks in destructive mode. It can also do multiple rounds of overwriting. It is also a good tool to burn in a new hdd or test a used one. just check smartctl bad sector count, run it, check again if it increased.

[–] [email protected] 5 points 2 days ago

no help to you, but a heads-up to anybody yet to deploy disks in such a scenario: always use encryption by way of LUKS2. you can set it up easily to unlock it on boot by a key file on the boot drive, thumb drive, TPM and such. so when a drive gets sold, RMA'd, etc., you got none of these issues.

source: sold my old drives recently and the shred procedure took ages. the new ones are encrypted so none of that shit no more.

[–] [email protected] 6 points 2 days ago* (last edited 2 days ago)

https://linux.die.net/man/1/wipe

https://dban.org/

[–] [email protected] 6 points 2 days ago (4 children)

Assuming the drive writes normally a simple command like

dd if=/dev/random of=/dev/sdX

Where sdX is the location of the drive should do the trick. Depending on drive time this may take a bit.

[–] [email protected] 2 points 1 day ago (1 children)

Always use /dev/urandom for this purposes. /dev/random will be locked if it doesn't have enough entropy. It is good for getting some random kilobytes for cryptography but not 2 TB of random data for disk wipe.

[–] [email protected] 1 points 1 day ago

Thanks for the heads up!

[–] [email protected] 6 points 2 days ago (1 children)

Yeah my first thought was just keep running dd commands, and sooner or later you'll have the hdd wiped.

[–] [email protected] 10 points 2 days ago

Instructions unclear, accidentally deleted 200 EB of irrecoverable NASA data.

[–] [email protected] 5 points 2 days ago (1 children)

Just keep in mind that you can't wipe the bad sectors that have been remapped. That's unlikely to be an issue for a personal drive, but something to consider if it held particularly sensitive information.

[–] [email protected] 4 points 2 days ago

Sectors are what, 4kb? The odds of something sensitive being in those each of those 4kb is low (but never zero).

If the drive implements the ATA secure erase command properly, it should also clear all the remapped sectors too. But I don't know if I trust them to implement it properly. Maybe try it and inspect the disk with a hex editor.

[–] [email protected] 2 points 2 days ago

dd if=/dev/zero of=/dev/sdX bs=1M

This command is much faster. Instead of random bits, it just marks everything zero (dude). Is good enough.

[–] [email protected] 3 points 2 days ago

If the drive has bad sectors that it can't read right now, it likely had other sectors that were marginal and got copied (remapped) to new spare sectors before they became unreadable. So there is still potentially recoverable data in the remapped sectors, and not much you can do about it.

Basically, writing zeros to the disk is about as good as you can hope for. If your data is s00per seekrit to the point where you can't stand the possibility of any bits at all being recovered, you basically have to melt the drive. Otherwise, zero it and send it in.

Next time, set up encryption ahead of time, so your new drives never see plaintext. Some drives have a "secure erase" feature that is basically a crappy version of this built into the drive.

[–] [email protected] 2 points 2 days ago (1 children)

When I sold my drives, I used veracrypt with a 128 character password and PIM of 800+.

Isn't that the same thing as shredding?

[–] [email protected] 2 points 1 day ago (1 children)

No.

[–] [email protected] 1 points 1 day ago (1 children)

Can you elaborate?

[–] [email protected] 2 points 1 day ago* (last edited 1 day ago) (2 children)

Installing an operating system and enabling encryption won't overwrite the data on the entire disk. Instead, it will only overwrite on the specific sectors on which this operating system was installed.

Other "previous" data on the disk will remain intact and unaffected.

[–] [email protected] 2 points 1 day ago

Unless the OS installer chooses to wipe the driver, which Debian's (non-calamares) installer does.

[–] [email protected] 1 points 1 day ago

I understand what you mean. The way I did it was a full disk encryption as an "external drive" so the whole disk was encrypted

[–] [email protected] 1 points 2 days ago

The day job is Private Possum territory, so our agreement is

  • we won't send in drives
  • we will send proof of destruction

and I'm sure it costs more, but we don't have to worry about recovered user data.

Our stuff is also in those crazy-secure datacenters, too, so we don't need to mess with crypto-at-rest.

[–] [email protected] 1 points 2 days ago* (last edited 2 days ago)

DNAM. Is or used to be on the UBCD.

For the future remember, encryption helps when the disk is no longer operational.