Secure Erase SSD

I ran into my first need to secure erase an SSD. On a traditional spinning disk hard drive, I used the ‘shred’ command in Linux and would write zeros to the drive and it would take a long time with multiple passes (paranoid?).

With SSDs writing zeros is strongly discouraged for the sake of the SSD lifespan. The steps below I used on two Dell 6400 series laptops and were adapted from the AskUbuntu forum.

Note: I could not find any instructions on how to do this with a SSD drive attached via a USB SATA dock. I had to plug the SSD directly to the motherboard via a SATA cable.

  1. Boot Ubuntu from a Live USB Flash Drive
  2. Open a Terminal
  3. Find your drive with: fdisk -l in this example, my drive was on /dev/sda
  4. Check your drive to see if it is frozen: hdparm -I /dev/sda
  5. If Frozen suspend the device with: systemctl suspend
  6. Wait a few seconds and then power the system back on.
  7. Check the frozen status again with: hdparm -I /dev/sda
  8. Once drive is ‘not frozen’ I found I had to set up a password, in this case, I just set the password to 12345678:
    hdparm --user-master u --security-set-pass 12345678 /dev/sda (replace 12345678 with the chosen password)
  9. This should return some confirmation text including: security_password: "12345678"
  10. Check that security has been enabled: hdparm -I /dev/sda (look for the enabled or not enabled line)
  11. Issue the Secure Erase command: hdparm --user-master u --security-erase 12345678 /dev/sda
  12. Do a quick: fdisk -l /dev/sda to make sure no partitions are there.