Date: Mon, 21 Mar 2022 07:52:20 -0500 From: "J. Hellenthal" <jhellenthal@dataix.net> To: Damian Weber <dweber@htwsaar.de> Cc: freebsd-security@freebsd.org Subject: Re: SSD erase question Message-ID: <BFCF6DBB-091E-4AEF-AF39-A6C4955CB4E4@dataix.net> In-Reply-To: <274c8cca-80b0-9460-6754-6bb77efbb4dd@htwsaar.de> References: <274c8cca-80b0-9460-6754-6bb77efbb4dd@htwsaar.de>
next in thread | previous in thread | raw e-mail | index | archive | help
Personally I would use dc3dd from ports and you'll be plenty alright. While dd would be enough in most occasions I won't assume your data is of a t= ypical user. It only writes the random bits to the disk once. In some scenar= ios it's possible to reverse that. dc3dd takes care of that by writing multi= ple times. There is also dcfldd which was superseded by dc3dd. --=20 J. Hellenthal The fact that there's a highway to Hell but only a stairway to Heaven says a= lot about anticipated traffic volume. > On Mar 21, 2022, at 07:15, Damian Weber <dweber@htwsaar.de> wrote: >=20 > =EF=BB=BF > Hi all, >=20 > I'd like to have an answer on a secure FreeBSD way to erase=20 > SSDs before giving these away to someone for reusing it.=20 >=20 > Is the following enough to protect confidential data=20 > previously stored there? >=20 > 1) dd : overwriting with random bits (complete capacity) > 2) gpart create > 3) gpart add > 4) newfs >=20 > Details for an example with /dev/ada1 see below. >=20 > Thanks a lot, >=20 > Damian >=20 >=20 > # fdisk ada1 > ******* Working on device /dev/ada1 ******* > parameters extracted from in-core disklabel are: > cylinders=3D484521 heads=3D16 sectors/track=3D63 (1008 blks/cyl) >=20 > Figures below won't work with BIOS for partitions not in cyl 1 > parameters to be used for BIOS calculations are: > cylinders=3D484521 heads=3D16 sectors/track=3D63 (1008 blks/cyl) >=20 > Media sector size is 512 > Warning: BIOS sector numbering starts with sector 1 > Information from DOS bootblock is: > The data for partition 1 is: > sysid 238 (0xee),(EFI GPT) > start 1, size 488397167 (238475 Meg), flag 0 > beg: cyl 0/ head 0/ sector 2; > end: cyl 1023/ head 255/ sector 63 > The data for partition 2 is: > <UNUSED> > The data for partition 3 is: > <UNUSED> > The data for partition 4 is: > <UNUSED> >=20 > # gpart show ada1 > =3D> 40 488397088 ada1 GPT (233G) > 40 1024 1 freebsd-boot (512K) > 1064 480246784 2 freebsd-ufs [bootme] (229G) > 480247848 8149280 3 freebsd-swap (3.9G) >=20 > # dd if=3D/dev/random of=3D/dev/ada1 bs=3D512 count=3D488397088 >=20 > # gpart create -s gpt ada1 >=20 > # gpart add -t freebsd-ufs ada1 >=20 > # newfs -U /dev/ada1p1 >=20 >=20
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?BFCF6DBB-091E-4AEF-AF39-A6C4955CB4E4>