Re: Advice on encrypted filesystem

To: debian-user@lists.debian.org
Subject: Re: Advice on encrypted filesystem
From: David Christensen <dpchrist@holgerdanske.com>
Date: Sat, 27 Jun 2020 13:19:09 -0700
Message-id: <[🔎] ae90713f-d6d2-6280-3006-430c398e390f@holgerdanske.com>
In-reply-to: <[🔎] 9c708143-da9a-8b58-2d76-b55df18dc50b@holgerdanske.com>
References: <[🔎] 202006242128.38301.rhkramer@gmail.com> <[🔎] 20200625022055.GA2133@axis.corp> <[🔎] 202006250740.43599.rhkramer@gmail.com> <[🔎] 20200626132549.GB3222@axis.corp> <[🔎] a504961c-b7c3-11ea-9b6a-00163eeb5320@msgid.mathom.us> <[🔎] 20200626190657.GA18934@axis.corp> <[🔎] 43556390-b7e3-11ea-9b6a-00163eeb5320@msgid.mathom.us> <[🔎] 20200627012532.GB32382@axis.corp> <[🔎] 0ba04325-4d0d-ad43-4a31-0e93f83494d9@holgerdanske.com> <[🔎] a7ae8436-1afc-7fbc-d9c6-930ab2f16269@dwaves.de> <[🔎] 9c708143-da9a-8b58-2d76-b55df18dc50b@holgerdanske.com>

On 2020-06-27 12:47, David Christensen wrote:

The ATA secure erase command isdesigned to erase all blocks, both host-accessible and hidden.

STFW, "secure erase" (aka "security erase") is an older feature and maynot erase all NAND blocks, just the "mapping table". (When I have donethis on my Intel SSD 520 Series devices and then dumped the entire drivewith hexdump(1), the host reported all zeroes. But, I have notdisassembled a drive, removed the NAND chips, and put them into a NANDchip reader.)

There is a newer feature "sanitize' that is supposed to erase both themapping table and all data storage NAND blocks:


https://www.micron.com/about/blog/2017/march/how-to-securely-erase-micron-sata-ssds

https://www.diskpart.com/articles/sanitize-or-secure-erase-ssd-4125.html

https://www.microcontrollertips.com/ssds-secure-erase-sanitize-faq/


David

Reply to:

References:
- Advice on encrypted filesystem
  - From: rhkramer@gmail.com
- Re: Advice on encrypted filesystem
  - From: David Wright <deblis@lionunicorn.co.uk>
- Re: Advice on encrypted filesystem
  - From: rhkramer@gmail.com
- Re: Advice on encrypted filesystem
  - From: David Wright <deblis@lionunicorn.co.uk>
- Re: Advice on encrypted filesystem
  - From: Michael Stone <mstone@debian.org>
- Re: Advice on encrypted filesystem
  - From: David Wright <deblis@lionunicorn.co.uk>
- Re: Advice on encrypted filesystem
  - From: Michael Stone <mstone@debian.org>
- Re: Advice on encrypted filesystem
  - From: David Wright <deblis@lionunicorn.co.uk>
- Re: Advice on encrypted filesystem
  - From: David Christensen <dpchrist@holgerdanske.com>
- Re: Advice on encrypted filesystem
  - From: Admin4 <admin4@dwaves.de>
- Re: Advice on encrypted filesystem
  - From: David Christensen <dpchrist@holgerdanske.com>

Prev by Date: Re: Advice on hardware server to use for small a dedicated data center
Next by Date: Re: Advice on encrypted filesystem
Previous by thread: Re: Advice on encrypted filesystem
Next by thread: Re: Advice on encrypted filesystem
Index(es):
- Date
- Thread