Quickest way to wipe an SSD clean of all its partitions for repartitioning in Linux?
On an SSD: You can TRIM whole disks or partitions using blkdiscard
. It's not very secure, but practically instant (the disk merely marks all cells as unused).
For SATA SSDs, the ATA "Secure Erase" command (available through hdparm
) is also very fast. There is also "Enhanced Secure Erase", which (at least on the SSDs I've used it on) takes a few seconds longer and appears to physically erase all cells.
For security: Use full-disk encryption. Don't bother wiping the entire disk if it's encrypted – you only need to wipe the area containing your keys (e.g. the first 1–2 MiB of every encrypted partition).
For repartitioning: Again, don't bother erasing all data. You only need to destroy the filesystems using wipefs
, then scrub the first 1 MiB of your disk to purge leftover bootloaders. After you format a partition using mkfs
, the OS will simply assume it is completely empty.
(In fact, on Linux, mkfs.ext4 will automatically TRIM the entire partition before formatting it.)
As Kamil Maciorowski mentions, the best way, with the least write-wear, of deleting an entire disk, is to use the ATA 'secure erase' command.
This will instruct the hardware to do a single full wipe, rather than overwriting the cells repeatedly as with tools like shred
.
This can only be done for the entire disk, if you need to selectively wipe partitions, see grawity's answer (blkdiscard
)
The exact implementation of the command depends on the hardware.
Most SSDs will use a bulk electric signal to wipe entire chips in an all-or-nothing fashion. This does incur (normal) write-wear, but only to the minimum extent possible (~ single write cycle).
Self-encrypting SSDs will usually just wipe the encryption key inside the controller chip (really instantaneous). Self-encrypting drives always encrypt, even out-of-the-box (with a factory-default key). So wiping the key leaves only un-decryptable jumble on the flash chips, even if no user-key was set.
-
Spinning-Rust hard-disks will do a hardware-based zero-write of all sectors, which is equivalent (and as time-consuming) as doing
dd if=/dev/zero
.
The process is documented quite well here: https://www.thomas-krenn.com/en/wiki/SSD_Secure_Erase (I have personally used this process repeatedly on my own SSDs when re-installing OS'es)
Edit: if you're interested in the security implications: check this Security.SE's question
Keeping in mind you've asked for a solution on how to quickly wipe disks Replace /dev/sdx with your disk, most likly /dev/sda
This will wipe the partition table.
dd if=/dev/zero of=/dev/sdx bs=1024 count=50
This will wipe the entire disk, it will take a while.
cat /dev/zero > /dev/sdx