Solid State Drive Erasure Using hdparm

Published by Torry Crass on

Not that long ago it was simple enough to spin up a system with a CD or USB load of DBAN or some other utility to perform a data wipe on a system. With the increasing prevalence of Solid State media these methods have needed to change.

It is no longer necessarily the most effective, and certainly not the recommended way to wipe solid state media. This is due to how solid state drives work. Performing a sequential write across the media is known to substantially shorten the life of the solid state disk and this will consequently increase your risk of outright drive failure and let me tell you, recovering data from solid state media is not trivial.

Alas I digress…

I recently needed to ensure proper data destruction on a solid state disk before returning it and I set out to find the current best way to approach this problem. Luckily for me, the folks at LSU have already posted a quick walk-through for this very situation. My write-up here is nothing more than a shortened version of their solid effort (mostly so I remember it) so please visit their link if you need more specific details on the process (https://grok.lsu.edu/Article.aspx?articleid=16716).


A brief disclaimer: This will wipe your data… possibly every single bit of it… use at your own risk, ask questions, validate anything you don’t understand just to be sure. Consider backups…

  • First, you need to find a LiveCD linux distribution with the program hdparm on it. Recommendations include CentOS, gparted, Debian, and possibly Ubuntu. Others may exist if you’re set on finding them.
  • Boot of the Live Media on a system with the attached drive you want to wipe and make sure to log in as root (if not already logged in as such, on some systems you might need to run sudo su –).
  • List the disks and partitions on the system using the command below.
fdisk -l
  • Locate the disk you will be wiping. For this case we will use /dev/sda. Your device may differ.
  • Next run the command below and look for the word frozen in the output. If it has the word not in front of it to fully state not frozen then you can skip the next two steps.
hdparm -I /dev/sda
  • To unfreeze the drive issue the following command below.
  • After a few moments run the hdparm -I /dev/sda command again to validate that the drive is no longer frozen.
echo -n mem > /sys/power/state
  • Next, set a temporary password on the drive to be used during the wipe process. This is done using the command below. Where “u” is the user and “p” is your password.
hdparm --user-master u --security-set-pass p /dev/sda
  • If this was successful you should be able to run hdparm -I /dev/sda again and find text that states “Security level high” below the area where you checked if the drive was frozen or not.
  • Beneath this you should also see an indication of if the drive supports enhanced erasing or not. This support will determine which command you run next.
If Enhanced: hdparm --user-master u --security-erase-enhanced p /dev/sda 
If Not-Enhanced: hdparm --user-master u --security-erase p /dev/sda
  • Once complete you should be able to validate this by running the hdparm -I /dev/sda command once more and the difference will be that the security state will be set to normal (i.e. not say Security level high) and the password you previously set should be wiped out (i.e. no longer set).

That should conclude your wipe needs for solid state in a manner that better preserves the drives lifespan while ensuring an acceptable level of data erasure on the device.


0 Comments

Leave a Reply