/secure-erase

Scripts to securely wipe disks of various types (HDD v. SSD) and interfaces (ATA, NVME)

Primary LanguageShellMIT LicenseMIT

ata-secure-erase

A bash script to securely erase ATA disks, runs the SECURITY ERASE UNIT command using hdparm.

The script functions along similar lines to hderase.py, but is written entirely in bash.

Suited to minimal Linux environments, or for those who object to use of Python on religious grounds.

For highly sensitive uses, particularly with SSDs, care should be taken to validate the erasure, or first overwrite the drive with a pass of zeroes:

Usage

$ sudo ./ata-secure-erase.sh -h

Usage:  ata-secure-erase.sh [-f] [-e] [-p] device | -l
Erase a disk with the ATA SECURITY ERASE UNIT command

OPTIONS
		-l    List available disks to erase
		-e    Perform "ENHANCED" security erase
		-p    Show estimated progress during erase
		-f    Don't prompt before erasing (USE WITH CAUTION)

EXAMPLES
	- Erase the device /dev/sda:

		ata-secure-erase.sh /dev/sda

Locked or Frozen Disks

If your (SSD) disk is locked or frozen, or perhaps already has a user password set, you may be able to unlock using a master password for the device:

Erasing NVME disks

NVME devices are not the same as ATA devices, and require different routines to erase at the device level. These may help:

See Also