A Qnap NAS has a drive with some bad sectors, I want to RMA it, but before just want to figure out how to prepare a drive? It’s part of a raid 5 setup of 4 drives unencrypted. So I want to remove it and wipe it. Got a Linux machine I can use, but never done this before.

What are common Linux tools to do that sensibly?

  • dingdongitsabear@lemmy.ml
    link
    fedilink
    arrow-up
    2
    ·
    8 hours ago

    no help to you, but a heads-up to anybody yet to deploy disks in such a scenario: always use encryption by way of LUKS2. you can set it up easily to unlock it on boot by a key file on the boot drive, thumb drive, TPM and such. so when a drive gets sold, RMA’d, etc., you got none of these issues.

    source: sold my old drives recently and the shred procedure took ages. the new ones are encrypted so none of that shit no more.

  • randombullet
    link
    fedilink
    arrow-up
    2
    ·
    9 hours ago

    When I sold my drives, I used veracrypt with a 128 character password and PIM of 800+.

    Isn’t that the same thing as shredding?

        • My Password Is 1234@lemmy.world
          link
          fedilink
          English
          arrow-up
          1
          ·
          edit-2
          3 hours ago

          Installing an operating system and enabling encryption won’t overwrite the data on the entire disk. Instead, it will only overwrite on the specific sectors on which this operating system was installed.

          Other “previous” data on the disk will remain intact and unaffected.

          • randombullet
            link
            fedilink
            arrow-up
            1
            ·
            2 hours ago

            I understand what you mean. The way I did it was a full disk encryption as an “external drive” so the whole disk was encrypted

          • Leaflet@lemmy.world
            link
            fedilink
            English
            arrow-up
            1
            ·
            3 hours ago

            Unless the OS installer chooses to wipe the driver, which Debian’s (non-calamares) installer does.

  • Lemmchen@feddit.org
    link
    fedilink
    arrow-up
    18
    ·
    edit-2
    15 hours ago

    shred

    Can also be used from KDE Partition Manager.
    Use LUKS encryption on the future.

  • solrize@lemmy.world
    link
    fedilink
    arrow-up
    3
    ·
    12 hours ago

    If the drive has bad sectors that it can’t read right now, it likely had other sectors that were marginal and got copied (remapped) to new spare sectors before they became unreadable. So there is still potentially recoverable data in the remapped sectors, and not much you can do about it.

    Basically, writing zeros to the disk is about as good as you can hope for. If your data is s00per seekrit to the point where you can’t stand the possibility of any bits at all being recovered, you basically have to melt the drive. Otherwise, zero it and send it in.

    Next time, set up encryption ahead of time, so your new drives never see plaintext. Some drives have a “secure erase” feature that is basically a crappy version of this built into the drive.

  • socphoenix@midwest.social
    link
    fedilink
    arrow-up
    7
    arrow-down
    1
    ·
    16 hours ago

    Assuming the drive writes normally a simple command like

    dd if=/dev/random of=/dev/sdX

    Where sdX is the location of the drive should do the trick. Depending on drive time this may take a bit.

    • Fubarberry@sopuli.xyz
      link
      fedilink
      English
      arrow-up
      6
      ·
      16 hours ago

      Yeah my first thought was just keep running dd commands, and sooner or later you’ll have the hdd wiped.

    • cmnybo@discuss.tchncs.de
      link
      fedilink
      English
      arrow-up
      4
      ·
      16 hours ago

      Just keep in mind that you can’t wipe the bad sectors that have been remapped. That’s unlikely to be an issue for a personal drive, but something to consider if it held particularly sensitive information.

    • yesman@lemmy.world
      link
      fedilink
      arrow-up
      3
      arrow-down
      1
      ·
      15 hours ago

      dd if=/dev/zero of=/dev/sdX bs=1M

      This command is much faster. Instead of random bits, it just marks everything zero (dude). Is good enough.