• Recent
    • Unsolved
    • Tags
    • Popular
    • Users
    • Groups
    • Search
    • Register
    • Login

    Secure wipe / erase for SSDs

    Scheduled Pinned Locked Moved
    Feature Request
    3
    10
    1.4k
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • A
      abulhol
      last edited by

      The FOG OS has nice options to securely wipe disks, but it is not efficient for SSDs.
      SSDs can be wiped with a few commands within seconds, while a shred for a 500 GB HDD takes about 1.5h.
      I have opened a Github issue for this:
      https://github.com/FOGProject/fos/issues/40
      Is anybody interested in adding this? Otherwise I will have a go at it.

      1 Reply Last reply Reply Quote 0
      • S
        Sebastian Roth Moderator
        last edited by

        @abulhol Definitely a good point. Though I am not exactly sure how much can go wrong with secure erase on SSDs and if it really works for all models if we try to automate this with FOG. Do you have much experience with this?

        Web GUI issue? Please check apache error (debian/ubuntu: /var/log/apache2/error.log, centos/fedora/rhel: /var/log/httpd/error_log) and php-fpm log (/var/log/php*-fpm.log)

        Please support FOG if you like it: https://wiki.fogproject.org/wiki/index.php/Support_FOG

        1 Reply Last reply Reply Quote 1
        • A
          abulhol
          last edited by

          I am not an expert on SSDs, but I haven’t used any so far that did not support secure erase.
          But we could also add a check if it is supported as described e.g. here:
          https://www.thomas-krenn.com/en/wiki/Perform_a_SSD_Secure_Erase
          and run shred when in doubt.

          1 Reply Last reply Reply Quote 0
          • S
            Sebastian Roth Moderator
            last edited by

            @abulhol Give it a go and post information here or on github to further discuss things. Or you might send in a pull request on the fos repo right away.

            Web GUI issue? Please check apache error (debian/ubuntu: /var/log/apache2/error.log, centos/fedora/rhel: /var/log/httpd/error_log) and php-fpm log (/var/log/php*-fpm.log)

            Please support FOG if you like it: https://wiki.fogproject.org/wiki/index.php/Support_FOG

            A 2 Replies Last reply Reply Quote 0
            • A
              abulhol @Sebastian Roth
              last edited by

              @Sebastian-Roth PR done: https://github.com/FOGProject/fos/pull/41

              1 Reply Last reply Reply Quote 0
              • A
                abulhol @Sebastian Roth
                last edited by

                @Sebastian-Roth Unfortunately, secure erase will most often be blocked by the BIOS (frozen state). See more details here: https://github.com/FOGProject/fos/issues/40

                1 Reply Last reply Reply Quote 0
                • S
                  Sebastian Roth Moderator
                  last edited by

                  @abulhol Too bad this is not working as intended now that you’ve pushed it forward a fair bit. Thanks heaps for your work and we might consider adding it anyways so it will work at least for some SSDs.

                  What do you think?

                  Web GUI issue? Please check apache error (debian/ubuntu: /var/log/apache2/error.log, centos/fedora/rhel: /var/log/httpd/error_log) and php-fpm log (/var/log/php*-fpm.log)

                  Please support FOG if you like it: https://wiki.fogproject.org/wiki/index.php/Support_FOG

                  A 1 Reply Last reply Reply Quote 0
                  • Tom ElliottT
                    Tom Elliott
                    last edited by

                    What about this?

                    https://wiki.archlinux.org/index.php/Solid_state_drive/Memory_cell_clearing

                    From what I can gather, you can disable the “frozen state” from the BIOS, so sure it’s an extra step, but should still be possible.

                    The only machine that I see a warning is Lenovo. They have their own proprietary tool to perform erase operations.

                    Please help us build the FOG community with everyone involved. It's not just about coding - way more we need people to test things, update documentation and most importantly work on uniting the community of people enjoying and working on FOG! Get in contact with me (chat bubble in the top right corner) if you want to join in.

                    Web GUI issue? Please check apache error (debian/ubuntu: /var/log/apache2/error.log, centos/fedora/rhel: /var/log/httpd/error_log) and php-fpm log (/var/log/php*-fpm.log)

                    Please support FOG if you like it: https://wiki.fogproject.org/wiki/index.php/Support_FOG

                    A 1 Reply Last reply Reply Quote 0
                    • A
                      abulhol @Sebastian Roth
                      last edited by

                      @Sebastian-Roth Don’t worry, I didn’t spend too much time on it. I have a use case where it would have been helpful to have this feature.
                      I have used secure erase for extra SSDs on Linux, but not the root disk. Most likely the primary disk that holds the OS is locked by the BIOS.
                      I am happy if you merge the PR, would be interesting to see if it works for some setups.

                      1 Reply Last reply Reply Quote 0
                      • A
                        abulhol @Tom Elliott
                        last edited by Sebastian Roth

                        @Tom-Elliott Yes, this might work, but I didn’t want to spend too much time experimenting. If somebody wants to follow up on this, that’s fine, but I won’t. 🙂

                        1 Reply Last reply Reply Quote 0
                        • 1 / 1
                        • First post
                          Last post

                        149

                        Online

                        12.0k

                        Users

                        17.3k

                        Topics

                        155.2k

                        Posts
                        Copyright © 2012-2024 FOG Project