<![CDATA[Dev1 Galaxy Forum / [CLOSED] secure erase failure - unlock ssd with hdparm not possible]]> http://dev1galaxy.org/viewtopic.php?id=3051 Sat, 14 Sep 2019 18:29:58 +0000 FluxBB <![CDATA[Re: [CLOSED] secure erase failure - unlock ssd with hdparm not possible]]> http://dev1galaxy.org/viewtopic.php?pid=17853#p17853 Just for future reference, indeed it appears your SATA to USB adapter was the problem. Never ever use advanced SATA features over such an adapter:
https://sourceforge.net/p/hdparm/support-requests/7/

]]> Sat, 14 Sep 2019 18:29:58 +0000 http://dev1galaxy.org/viewtopic.php?pid=17853#p17853 <![CDATA[Re: [CLOSED] secure erase failure - unlock ssd with hdparm not possible]]> http://dev1galaxy.org/viewtopic.php?pid=17827#p17827 thx b3bgd.
Of course I forgot....

However that gave me an: 

SECURITY_UNLOCK: Invalid argument

instead, but this too:

Security:
        Master password revision code = 1
                supported 
                enabled
        not     locked
        not     frozen
        not     expired: security count
                supported: enhanced erase
        20min for SECURITY ERASE UNIT. 60min for ENHANCED SECURITY ERASE UNIT.

so I can run the erase command.
I have done that already and it was running corectly accept that: 

The running kernel lacks CONFIG_IDE_TASK_IOCTL support for this device.

was showing up again.
Hower the:

        Master password revision code = 65534

has changed to

        Master password revision code = 1

and after the erase it is still there....
Dunno what's the problem but I do not care anymore, a friend of mine took the SSD to use it so I do not need a solution here anymore.

]]> Fri, 13 Sep 2019 17:46:17 +0000 http://dev1galaxy.org/viewtopic.php?pid=17827#p17827 <![CDATA[Re: [CLOSED] secure erase failure - unlock ssd with hdparm not possible]]> http://dev1galaxy.org/viewtopic.php?pid=17804#p17804 nogeek wrote:

I have a Toshiba device here and figured out that "the" masterpassword (it is the only one I have found in several lists) is 32 spaces, but that did not work:

$ hdparm --user-master m --security-set-pass                                  /dev/sdb
missing PASSWD

I tried 34 spaces between "--security-set-pass" and "/dev/sdb", because you need a space after each option/parameter and 32 spaces (because the first logical did not work and I am frustrated...).

That's not what 32 spaces on a command line do... Just try:

echo                   x

and see what you get. The error message above is pretty clear: missing PASSWD
Try:

$ hdparm --user-master m --security-set-pass "                                " /dev/sdb

Observe the 32 spaces in quotes.

]]> Wed, 11 Sep 2019 05:27:40 +0000 http://dev1galaxy.org/viewtopic.php?pid=17804#p17804 <![CDATA[[CLOSED] secure erase failure - unlock ssd with hdparm not possible]]> http://dev1galaxy.org/viewtopic.php?pid=17803#p17803 I have connected the SSD via a SATA to USB 2.0 Adpater and it is reconized by the computer:

$ lsblk
NAME             MAJ:MIN RM   SIZE RO TYPE  MOUNTPOINT
sdb                8:16   0 447.1G  0 disk

#

Checking if secure erase is possible (printing here only the security section):

$ hdparm -I /dev/sdb

Security:
                supported
        not     enabled
        not     locked
        not     frozen
        not     expired: security count
                supported: enhanced erase
        20min for SECURITY ERASE UNIT. 60min for ENHANCED SECURITY ERASE UNIT.

#

Have had set a passwort.

$ hdparm --user-master u --security-set-pass sec123abc /dev/sdb
security_password: "sec123abc"

/dev/sdb:
 Issuing SECURITY_SET_PASS command, password="sec123abc", user=user, mode=high
The running kernel lacks CONFIG_IDE_TASK_IOCTL support for this device.
SECURITY_SET_PASS: Invalid argument

#

Because of this error I checked the SSD again and three time in a row I get different output each time I run the command:

$ hdparm -I /dev/sdb

/dev/sdb:

ATA device, with non-removable media
Standards:
        Likely used: 1
Configuration:
        soft sectored
        head switch time > 15us
        fixed drive
        disk xfer rate <= 5Mbs
        disk xfer rate > 5Mbs, <= 10Mbs
        data strobe offset option
        format speed tolerance gap reqd
        Logical         max     current
        cylinders       21314   0
        heads           0       0
        sectors/track   0       0
        --
        Logical/Physical Sector size:           512 bytes
        device size with M = 1024*1024:           0 MBytes
        device size with M = 1000*1000:           0 MBytes
        cache/buffer size  = unknown
Capabilities:
        IORDY not likely
        Cannot perform double-word IO
        R/W multiple sector transfer: not supported
        DMA: not supported
        PIO: pio0

#

$ hdparm -I /dev/sdb

/dev/sdb:
SG_IO: bad/missing sense data, sb[]:  70 00 03 00 00 00 00 0a 00 00 00 00 11 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00

ATA device, with non-removable media
Standards:
        Likely used: 1
Configuration:
        Logical         max     current
        cylinders       0       0
        heads           0       0
        sectors/track   0       0
        --
        Logical/Physical Sector size:           512 bytes
        device size with M = 1024*1024:           0 MBytes
        device size with M = 1000*1000:           0 MBytes
        cache/buffer size  = unknown
Capabilities:
        IORDY not likely
        Cannot perform double-word IO
        R/W multiple sector transfer: not supported
        DMA: not supported
        PIO: pio0

#

$ hdparm -I /dev/sdb

/dev/sdb:

ATA device, with non-removable media
        Model Number:       TOSHIBA-TR200
        Serial Number:      49QB725OKBSN
        Firmware Revision:  SBFA15.2
        Transport:          Serial, ATA8-AST, SATA 1.0a, SATA II Extensions, SATA Rev 2.5, SATA Rev 2.6, SATA Rev 3.0
Standards:
        Supported: 11 10 9 8 7 6 5
        Likely used: 11
Configuration:
        Logical         max     current
        cylinders       16383   16383
        heads           16      16
        sectors/track   63      63
        --
        CHS current addressable sectors:    16514064
        LBA    user addressable sectors:   268435455
        LBA48  user addressable sectors:   937703088
        Logical  Sector size:                   512 bytes
        Physical Sector size:                   512 bytes
        Logical Sector-0 offset:                  0 bytes
        device size with M = 1024*1024:      457862 MBytes
        device size with M = 1000*1000:      480103 MBytes (480 GB)
        cache/buffer size  = unknown
        Form Factor: 2.5 inch
        Nominal Media Rotation Rate: Solid State Device
Capabilities:
        LBA, IORDY(can be disabled)
        Queue depth: 32
        Standby timer values: spec'd by Standard, no device specific minimum
        R/W multiple sector transfer: Max = 16  Current = 16
        DMA: mdma0 mdma1 mdma2 udma0 udma1 udma2 udma3 udma4 udma5 *udma6
             Cycle time: min=120ns recommended=120ns
        PIO: pio0 pio1 pio2 pio3 pio4
             Cycle time: no flow control=120ns  IORDY flow control=120ns
Commands/features:
        Enabled Supported:
           *    SMART feature set
                Security Mode feature set
           *    Power Management feature set
           *    Write cache
           *    Look-ahead
           *    Host Protected Area feature set
           *    WRITE_BUFFER command
           *    READ_BUFFER command
           *    NOP cmd
           *    DOWNLOAD_MICROCODE
                SET_MAX security extension
           *    48-bit Address feature set
           *    Mandatory FLUSH_CACHE
           *    FLUSH_CACHE_EXT
           *    SMART error logging
           *    General Purpose Logging feature set
           *    WRITE_{DMA|MULTIPLE}_FUA_EXT
           *    64-bit World wide name
           *    {READ,WRITE}_DMA_EXT_GPL commands
           *    Segmented DOWNLOAD_MICROCODE
           *    Gen1 signaling speed (1.5Gb/s)
           *    Gen2 signaling speed (3.0Gb/s)
           *    Gen3 signaling speed (6.0Gb/s)
           *    Native Command Queueing (NCQ)
           *    Phy event counters
           *    READ_LOG_DMA_EXT equivalent to READ_LOG_EXT
                DMA Setup Auto-Activate optimization
                Device-initiated interface power management
           *    Software settings preservation
                Device Sleep (DEVSLP)
           *    DOWNLOAD MICROCODE DMA command
           *    SET MAX SETPASSWORD/UNLOCK DMA commands
           *    WRITE BUFFER DMA command
           *    READ BUFFER DMA command
           *    Data Set Management TRIM supported (limit 8 blocks)
Security:
        Master password revision code = 65534
                supported
        not     enabled
        not     locked
        not     frozen
        not     expired: security count
                supported: enhanced erase
        20min for SECURITY ERASE UNIT. 60min for ENHANCED SECURITY ERASE UNIT.
Logical Unit WWN Device Identifier: 58ce38ec0124245e
        NAA             : 5
        IEEE OUI        : 8ce38e
        Unique ID       : c0124245e
Device Sleep:
        DEVSLP Exit Timeout (DETO): 100 ms (drive)
        Minimum DEVSLP Assertion Time (MDAT): 10 ms (drive)
Checksum: correct

#

When I run the command now I only get the last sort of output.

It says that there is a password now, but if I try to unlock the SSD the following happens:

$ hdparm --user-master u --security-unlock sec123abc /dev/sdb
security_password: "sec123abc"

/dev/sdb:
 Issuing SECURITY_UNLOCK command, password="sec123abc", user=user
The running kernel lacks CONFIG_IDE_TASK_IOCTL support for this device.
SECURITY_UNLOCK: Invalid argument

#

I tried to disable it again (I know that I have to unlock it first but everything before works strange, so I just give it a try):

$ hdparm --user-master u --security-disable sec123abc /dev/sdb
security_password: "sec123abc"

/dev/sdb:
 Issuing SECURITY_DISABLE command, password="sec123abc", user=user
The running kernel lacks CONFIG_IDE_TASK_IOCTL support for this device.
SECURITY_UNLOCK: Invalid argument

So something seems to be wrong with the kernel?
My Kernel is linux-image-5.2.13-gnu (it is linux-libre), I did not modify it or something like that.

#

Then I red here:
https://ata.wiki.kernel.org/index.php/ATA_Secure_Erase
that using a USB-Interface makes problems... (to late badly)

#

So I put the SSD into a SATA drive of another computer with devuan live minimal running, install hdparm and try to unlock and disable, what gives me the same output like this guy here got:
https://www.overclockers.com/forums/arc … 93716.html
On the live system runs the default devuan kernel.

Further he solved his problem by using a master password to unlock his SSD.
There are (unofficial) lists on the web with them. here is one of them:
https://ipv5.wordpress.com/2008/04/14/l … passwords/
I have a Toshiba device here and figured out that "the" masterpassword (it is the only one I have found in several lists) is 32 spaces, but that did not work:

$ hdparm --user-master m --security-set-pass                                  /dev/sdb
missing PASSWD

I tried 34 spaces between "--security-set-pass" and "/dev/sdb", because you need a space after each option/parameter and 32 spaces (because the first logical did not work and I am frustrated...).

#

I did not run the erase command and I do not will!

It would be nice if anyone could help me out....

]]> Wed, 11 Sep 2019 01:05:27 +0000 http://dev1galaxy.org/viewtopic.php?pid=17803#p17803