On Mon, Apr 3, 2017 at 2:34 PM, Kai Krakow <hurikha...@gmail.com> wrote: > > Just dd /dev/zero to the complete device. That purges everything you > need: partition tables, boot sectors, contents: > > # dd if=/dev/zero of=/dev/sdX >
If it contains data you'd prefer not be recoverable you might want to use shred or ATA secure erase. Shred overwrites the drive with random data using a few passes to make recovery more difficult. Some debate whether it actually adds value. Secure erase is a standard command supported by most drives. It has the advantage of being MUCH faster, and it also should take care of things like relocated blocks and such which might not be seen by the OS. It has the disadvantage of being a black box that might not actually work or which might have some kind of NSA back door. Typically it is implemented by the drive controller encrypting all your data transparently using a random key in normal operation, and then the secure erase command tells it to forget the key and generate a new one. I suspect that secure erase would probably be the closest thing to restoring "factory" condition for a drive. Instructions can be found at: https://ata.wiki.kernel.org/index.php/ATA_Secure_Erase Unless I'm in a hurry I tend to do the best of both worlds. I run shred, and then I do a secure erase. And of course another option is to always encrypt your drives all the time anyway, which means that even if the drive fails and you can't erase it that your data is secure anyway. -- Rich
