General :: Hdparm Secure Erase
Jan 11, 2011can hdparm do secure erase on just a partition or does it have to be the whole drive?
View 5 Repliescan hdparm do secure erase on just a partition or does it have to be the whole drive?
View 5 RepliesI have a CF card I'd like to erase. My CF card reader is connected to my Linux machine via USB. How do I do a secure erase (i.e., the ATA Secure Erase functionality) of the CF card?
I have tried hdparm --security-erase NULL /dev/sdc, but I get an error: ERASE_PREPARE: Invalid exchange. In fact, any hdparm command gives me the same error:
# hdparm -I /dev/sdc
/dev/sdc:
HDIO_DRIVE_CMD(identify) failed: Invalid exchange
I read somewhere that hdparm can't do an ATA Secure Erase of a drive that is connected over USB. Is this true? I tried using sdparm, but sdparm doesn't seem to have the capability to send the ATA Secure Erase command to the CF card. So, what is the proper way to do this?
I first tried to use UBCD HDDErase although it won't detect my seagate 1000 GB Sata HD (This worked for my other computer/HD). So I loaded up a OpenSUSE live cd rescue terminal to enter the command (of course after setting a password and making sure HD is not frozen):
time hdparm --user-master u --security-erase uber /dev/sda
The following line appears:
"Issuing SECURITY_ERASE Command, password="uber", user=user
That's all it says and there is no % completed or anything. (as it appears on the wiki)
https://ata.wiki.kernel.org/index.php/ATA_Secure_Erase
Also I can still type but theres no command or console or anything it just is blank if I hit enter.Is my HD being wiped right now? or is it not working?
I am running Xebian on my old Xbox. Currently I am trying to fit an old hdd that is locked (to a mo-bo that has expired). I have connected it up instead of the dvd drive and booted with it as slave. The OS can access it using hdparm -I /dev/hdb, but it showing as locked I have the key which is:
HDDLockDisablePassword 76 1d d3 2b e9 df 17 96 64 3b 5c 5f d9 95 ba 4e 74 f5 e5 0e 00 00 00 00 00 00 00 00 00 00 00 00
I am trying to input this using hdparm I have tried:
hdparm --security-mode U --security-unlock 761dd32be9df1796643b5c5fd995ba4e74f5e50e000000000000000000000000 /dev/hdb
which doesn't work. What format does the password need to be in. I suspect ASCII but I can't type some of the characters. Is the rest of the syntax correct? EDIT I have another key:
XboxHDKey d0 f3 f9 9a 03 20 41 b7 a4 70 bd eb 1b b3 cc ac
Should I be using this one?
I have recently installed ubuntu on a previously vista operated laptop, now i need to eradicate all of vista i care not for it at all, I've read some of the threads here and saw someone say something about ubuntu overwriting everything on my hard drive including vista, is that dangerous, easy, and the most efficient way of doing this. i also tried removing the partition of vista by following a response to a thread, using gparted but now im stuck and i failed horribly (very limited computer knowledge).
View 11 Replies View RelatedAssume I have a computer on which I want to use ubuntu for a while (single boot). Assume also that in about six months I want to give this computer to Mr. X, but I do not want Mr. X to know that I have been using ubuntu. I don't want to install anything over top of ubuntu, I just want the computer to be completely (or as nearly completely as possible) blank so that Mr. X cannot infer what I've been doing on it. The trick here is that I can't use operating system x_{1} to delete operating system x_{0}. I don't want Mr. X to know anything about which OS I have been using. Mr. X, by the way, is a sophisticated computer user but not particularly interested in tracking me down. Once he sees that the computer is blank Mr. X will just install his own operating system and everybody will be happy.
View 1 Replies View RelatedI am in fc13, have installed a package, realise lately that its not really useful. that package install a lot of package for dependency.How can i erase all the package together that was downloaded and installed together with the target package as dependency via yum? actually i have done it using #yum erase `cat /var/log/yum.log |grep "Aug 31 22" |awk '{print $5}'|`as I know when I have installed them.....but is there ant safer and better way?
View 1 Replies View RelatedI need to restart my harddrive and reinstall debian.
View 8 Replies View RelatedCan anybody explain step by step how to erase windows xp from the computer and how to install Ubuntu?
View 2 Replies View RelatedAfter installation, when starting to boot, I have several choices showing:
1)Ubuntu, w/ Linux 2.6.38-8-generic pae
2)Ubuntu, w/ Linux 2.6.38-8-generic pae (Recovery Mode)
3)Memory test (memtest 86+)
4)Memory test (memtest 86+, serial console 115200
5)Windows Server 2003 For Small Business Server (on /dev/sdd1)
I used #1 and I only have a blank screen.
I used #2 and I went into recovery mode, but I keep getting the error message: "No root
file system is defined. Please correct this from the partition.
I just want to erase all of numbers 1 to 5 and start clean. what should I do?
I'm an Oracle DBA and started working for my current employer about 4 months ago. This past weekend an alert re: FS space brought my attention to /var/spool/clientmqueue (full of mail re: cron jobs) and the fact that sendmail is not running on our Linux servers.I'm told that the IT security team deemed sendmail too vulnerable so we don't run it.Aside from FS filling up and missing notification of issues with crontab entries, I'm concerned that we may be missing notification of potential issues. In other Unix/Linux environments I've seen emails from the print daemon when it experienced problems with specific jobs.
Are there other Linux facilities aside from cron and lpd that use email to advise the users of possible issues? Are there ways to secure sendmail or secure alternatives to sendmail? My primary need/desire is to make sure that emails regarding issues on the server get to the appropriate users. Secondary goal would be to have the ability to use mailx to send mail out. There is No need/desire to receive mail from outside.
How can I change or erase windows XP password from Ubuntu Live (11.04) booted on the PC in question? I reckon it should be possible, at least it is possible to do so to another Ubuntu installation, but I never knew how to do it to XP.
View 1 Replies View RelatedThe XP partition ceased to boot (in fact when it seems to start Windows, it re-boots once and again). I can access the XP partition from Ubuntu 9.10
If I boot with the WXP CD and reinstall it in the original NTFS partition, will it wipe the boot menu out, loosing any chance to boot in Linux?
I've been using ubuntu for the past year now but unfortunately I have to confess I never had to compile anything from scratch. I bought a new intel SSD drive and I've been running some benchmarks on it with various fs. The new hdparm version has a few features that I'd like to test (TRIM/wiper) but I don't know how to install it as it's not in the repositories. I've been googling for almost 4hrs now but I still haven't found a way to do it.
I've downloaded the tar.gz file from sourceforge and I've decompressed it. Inside, it was a debian folder but there was no .deb file in it. Anyway I did a "make hdparm" and it compiled with no errors. It gave me an "hdparm" executable which works fine if I call it with the full path. what's the proper way to install it in place of the already apt-get installed package?
Im wanting to put HDD's to sleep using hdparm after 20min of activity (a 4x disk raid5 array and two single disks). I have edited /etc/hdparm.conf, adding the following lines at the end of the file:
Code:
#6TB RAID5 POWER DOWN
/dev/disk/by-id/scsi-SATA_ST32000542AS_5XW0T1R6 {
spindown_time = 240
[code]....
Code:
sudo hdparm -y /dev/disk/by-id/scsi-SATA_SAMSUNG_HD501LJS0MUJDWQ411622
The HDD's will sleep with out issue. Ive looked around my log files and cant seem to find anything to do with hdparm, or the HDD's sleeping. Have I make a mistake in the .conf file? Is there some place hdparm logs, or if I can activate some sort of verbose mode? Or does hdparm need to be activated on boot?
EDIT: I'm using ubuntu 10.04.1 x64 last updated today.
I'm using hdparm -Y /dev/sda1 to force one of my HDDs to sleep upon system startup, but some process accesses it and it is turned on again. How can I disable the automatic startup of HDDs?
View 1 Replies View RelatedI'm trying to make sure I don't screw anything up. When I type in the following into the terminal:
sudo hdparm -M 128 /dev/sda
Are the changes permanent, even if I restart? If not, how can I make sure it is permanent? I've read of going into the /etc/hdparm.conf file and editing it, but what exactly do I type and where should it be put in the file?
I have hdparm running and see the reading in gkrellm
.dev/sda = 36 celcius
in messages
smartd[2895]: Device: /dev/sda [SAT], SMART Usage Attribute: 194 Temperature_Celsius changed from 108 to 107
Where to change that smartd reading?
I have SSDs connect to my Linux machine through the LSI SAS/SATA 1068E controller. I've been trying to issue a ATA secure erase command to my SSDs, but I keep getting error. In fact even hdparm -i fails.
# hdparm -i /dev/sda
/dev/sda:
HDIO_DRIVE_CMD(identify) failed: Invalid exchange
HDIO_GET_IDENTITY failed: Invalid argument
Initially I thought there was some kernel configuration issue, so I tried connecting a SSD to the on board SATA and I no longer get errors. The secure erase worked. It seems there is some compatibility issue with hdparm and the LSI controller/driver I'm using. Any way to make hdparm play nice with my LSI controller? Has anyone had success getting hdparm to work with drives connected to an LSI controller?
Additianal info:
Linux Kernel: 2.6.30
hdparm: v9.27
LSI driver: Fusion MPT SAS Host driver 3.04.07
I have set up a hdparm configuration file ( /etc/udev/rules.d/50-hdparm.rules ) with :
Code: Select allACTION=="add", SUBSYSTEM=="block", KERNEL=="sda", RUN+="/usr/bin/hdparm -B 255 -S 0 /dev/sda" .
This works correct when I power on my system, however after waking my computer from sleep mode , /dev/sda appears to operate with APM .
Is there a way I can make this setting to be persistent ,i.e. APM disabled when waking up from sleep mode?
I am running Debian Jessie x64.
I've just put together a 10.04 server using a GA-D525TUD atom board. I've installed gnome desktop too. I'm trying to get 4 sata drives to go into standby, but hdparm seems to be ignoring the settings. If i issue hdparm -y /dev/sdx the drive duly goes into standby and stays in standby until accessed. I've put entries in rc.local along with the hdparm.conf settings, but still no joy.
Hdparm.conf:
/dev/sdb {
spindown_time = 244
}
[code]....
I have some general question with with quite an impact for the system I use I have a media server with 2 raid1 mirrors of 2 1 To disk aggregated with lvm and used by a big 2 To ext3 partition.A few days ago, munin (awesome!) started to send me notifications about smart attributes of some disks. Fyi, here's my hdparm.conf:
/dev/sda {
spindown_time = 54
}
/dev/sdb {
[code]...
regarding reliability and disk longevity, is it recommended to have them spin down while not used (most of the day, as these are storage unit for movies, pictures, documents..) or let them spin whatever.. ? Those are WD green and according to Tom' Hardware, the consumption is only slightly greater in idle compared to standby. The other question, (boat one as we say in french ) what is the best configuration here ? My 2 raid 1 stripes, or a raid 5 ? I know that two disks kill the raid 5, and they have to be of the same stripe to kill the lvm on the raid1, but what are the odds ?
I have tried issuing this command:
[root@C5 ~]# hdparm -a 256 -d 1 -r 0 -k 0 -u 0 -c 1 -A 1 -K 0 -P 0 -X 66 -W 0 -S 0 /dev/sda
/dev/sda:
setting fs readahead to 256
setting 32-bit IO_support flag to 1
[code]....
Note that setting most of the parameters fails - and it still appears to be in 16 bit PIO mode. Am I using the wrong tool here - or incorrect parameters - or are the results misleading? Is there some other interpretation?
On a Powerbook G4, I set hdparm to set the filesystem readahead (-a) to the maximum 2048 on boot. This produces a visible increase in performance... But today the hard drive started acting up - first generating I/O errors when trying to access various system binaries, and the second time bringing the desktop to a standstill and emitting loud clunking noises.In both cases the drive worked normally after a reboot... Even so, these are not what I'd consider good signs. However, the computer was working perfectly up until now, so I'm wondering if my tweaking was responsible. Can overly aggressive filesystem readahead settings damage an IDE hard drive?
View 2 Replies View RelatedI'm testing OpenSUSE 11.3 on a server and I'd like to disable the write cache on all of my drives. In Ubuntu Server I was able to accomplish this with hdparm by adding the appropriate settings to /etc/hdparm.conf
As far as I can find the only thing that OpenSUSE offers is /etc/sysconfig/ide which allows you to force particular DMA modes. I could just put the hdparm commands in /etc/init.d/boot.local but I'd prefer to do it the right way if there is a right way to do this in OpenSUSE.
How do I format another drive to "accept" Linux and delete/erase Windows?
View 6 Replies View Relatedsetting up secure ftp on linux
View 3 Replies View Relatedthere are different methods for securing based on home versus professional computers. My questions generally pertains to securing home desktops, but professional protection is definitely welcome :) Knowledge is power. Ever since moving to the wonderful world of Linux a couple years ago, I never even really thought about security. Seeing as most low-life scum make viruses for Windows machines seeing as they're more abundant.But how do I know if I'm safe/secure from anyone who want's to get at me or my stuff. I know that anyone who is determined enough to get in will, there's no question about that. But what steps can I take to ensure I'm protected from things like rogue root shells and automatic attacks? Also, is there a sort of built-in firewall/antivirus in more Linux distros?
I know this question is quite broad seeing as there are tons of ways someone could compromise your system, but maybe you could share what you did to make sure you were safe.I decided to not allow root login via ssh and to change the port is listens on to something random. Hopefully this a step in the right direction. Currently looking at iptables and shutting down services.
I choose not to run a login manager on my systems, instead opting for a tty login and then invoking xinit manually (slightly long story, it makes my life a lot easier to have a bunch of environment tweaks that my login shell sets up and has the rest inherit), but this leaves me with a security issue if someone else comes upon my PC, because even if I've locked my X session they can switch to a tty and kill my X session, dropping back to a shell.
I can either
Start running xinit; logout (which still has a race condition issue, if they get another Ctrl+C in before logout is invoked it'll give a shell) Try to disable the tty switching keys in X Wrap xinit in something to catch and ignore the signal from the Ctrl+C
I am trying to do secure VNC over SSH to a remote linux server from my windows PC, but running into this error.
Error: Unable to connect to host: Connection refused (10061)