HDD硬盘securityATAerase事故(HDD被LOCKED)
来源:互联网 发布:东北农业大学网络登陆 编辑:程序博客网 时间:2024/06/09 12:21
本次经历完全起源于自己作死,瞎玩和粗心。验证HDD安全擦除时,认为系统hang住,造成事故发生。下面我们讲讲HDD硬盘securityATAerase。
在固太硬盘使用过程中会产生很多碎片,随着碎片的增加固态硬盘的性能也会大大降低,我们可以通过hdparm命令发送ATA Secure Erase 指令将固态硬盘恢复到初始状态来提高硬盘的性能。
使用注意:
1.该操作会擦除硬盘中所有数据且不能恢复,重要数据请提前备份。
2.每次操作为一次P/E,固态硬盘的P/E次数有限,过多执行此操作会影响固态硬盘寿命。
3.操作有风险,如果遇到系统或固态硬盘的bug,可能产生不可逆转的影响。
Step 1 - Make sure the drive Security is not frozen:
Issue the following command, where "X" matches your device (eg. sdb). 通常不要选择系统盘
hdparm -I /dev/sdb
Step 1a - Ensure the drive is not frozen:
Security: Master password revision code = 65534 supported not enabled not locked not frozen not expired: security count supported: enhanced erase 2min for SECURITY ERASE UNIT. 2min for ENHANCED SECURITY ERASE UNIT.
If the command output shows "frozen" (instead of "not frozen") then you cannot continue to the next step.
Many BIOSes will protect your drives if you have a password set (security enabled) by issuing a SECURITY FREEZE command before booting an operating system. If your drive is frozen, and it has a password enabled, try removing the password using the BIOS and powering down the system to see if that disables the freeze. Otherwise you may need to use a different motherboard (with a different BIOS).
A possible solution for SATA drives is hot-(re)plug the data cable (this might crash your kernel). If hot-(re)pluging the SATA data cable crashes the kernel try letting the operating system fully boot up, then quickly hot-(re)plug both the SATA power and data cables.
- It has been reported that hooking up the drive to an eSATA SIIG ExpressCard/54 with an eSATA enclosure will leave the drive security state to "not frozen".
- Placing my system into "sleep" (suspend to RAM) worked too---and this may reset other drives to "not frozen" as well. This has worked on PCs from various manufacturers including Dell, Lenovo, and Clevo. Many Live distributions can be suspended to RAM for this purpose:
echo -n mem > /sys/power/state
- Users have also reported that IDE Drives may be unfreezed by plugging in an IDE cable to a CD-ROM first, booting your system and then moving the IDE cable to the drive in question. This will allow you to bypass "SECURITY FREEZE" commands sent by BIOS and your OS. BE AWARE, that IDE cables are not hot-pluggable and this technique possesses even higher risks; under no circumstances should you connect/disconnect/swap power cables of an HDD or CD-ROM, when your PC is on.
Step 2 - Enable security by setting a user password:
WARNING: When the user password is set the drive will be locked after next power cycle (the drive will deny normal access until unlocked with the correct password).
Step 2a - Set a User Password:
Any password will do, as this should only be temporary. After the secure erase the password will be set back to NULL. For this procedure we'll use the password "Eins".
hdparm --user-master u --security-set-pass user123 /dev/sdb
Step 2a - Command Output:
security_password="user123"/dev/sdd:Issuing SECURITY_SET_PASS command, password="Eins", user=user, mode=high
Step 2b - Make sure it succeeded, execute:
hdparm -I /dev/sdb
Step 2b - Command Output (should display "enabled"):
Security: Master password revision code = 65534 supported enabled not locked not frozen not expired: security count supported: enhanced erase Security level high 50min for SECURITY ERASE UNIT. 50min for ENHANCED SECURITY ERASE UNIT.
Step 3 - Issue the ATA Secure Erase command:
time hdparm --user-master u --security-erase user123 /dev/sdb
Step 3 Command Output:
Wait until the command completes.
security_password="Eins" /dev/sdd:Issuing SECURITY_ERASE command, password="user123", user=user0.000u 0.000s 0:39.71 0.0% 0+0k 0+0io 0pf+0w
事故发生于此,因为没有注意擦出时间是50min,以为系统hang住,本人强制关机,结果开机时,会提示你输入sdb硬盘的user passwd。此密码并不是刚刚设置的security_passwd=“user123”,三次输入错误,导致硬盘被locked。进入OS后查看sdb的status。
hdparm -I /dev/sdb
Security: Master password revision code = 65534 supported enabled locked not frozen not expired: security count supported: enhanced erase Security level high 50min for SECURITY ERASE UNIT. 50min for ENHANCED SECURITY ERASE UNIT.此时sdb已被上锁,执行安全擦除时无效的,本人在网上查了很久都没有找到谁遇到过这种情况,最后看了hdparm命令才知道答案。想把密码擦掉,必选先把硬盘解锁。操作如下
让我们解锁吧#hdparm --user-master u --security-unlock user123 / dev / sdbsecurity_password = “user123”的/ dev / SDX: 发出SECURITY_UNLOCK命令,password =“user123”,user = user
并禁用安全性:#hdparm --user-master u --security-disable user123 / dev / sdbsecurity_password = “user123”的/ dev / SDX: 发出SECURITY_DISABLE命令,password =“user123”,user = user
现在我们很好:#hdparm -I / dev / sdb...
Security: Master password revision code = 65534 supported not enabled not locked not frozen not expired: security count supported: enhanced erase Security level high 50min for SECURITY ERASE UNIT. 50min for ENHANCED SECURITY ERASE UNIT.下面步骤是接第三部,正常情况下的操作。
Step 4 - The drive is now erased! Verify security is disabled:
After a successful erasure the drive security should automatically be set to disabled (thus no longer requiring a password for access). Verify this by running the following command:
hdparm -I /dev/sdb
Step 4 - Command Output (should display "not enabled"):
Security: Master password revision code = 65534 supported not enabled not locked not frozen not expired: security count supported: enhanced erase 50min for SECURITY ERASE UNIT. 50min for ENHANCED SECURITY ERASE UNIT.
❊❊因为我用的是6T的HDD每一次PE都会需要大约2个小时的时间,所以一定要看清楚自己操作,避免不必要的事发生。- HDD硬盘securityATAerase事故(HDD被LOCKED)
- 机械硬盘(HDD)种类
- 机械硬盘HDD
- 机械硬盘(HDD)与固态硬盘(SSD)
- 利用硬盘安装软件(使用nt6 hdd installer)
- 硬盘三大种类( SSD ; HHD ; HDD )
- 硬盘三大种类(SSD/HHD/HDD)
- 固态硬盘SSD与机械硬盘HDD
- 利用HDD regenator2011修复损坏的硬盘
- HDD Regenerator Shell 进行硬盘修复
- format HDD 格式化硬盘 块设备 code
- 固态硬盘(SSD) 和机 械硬盘(HDD) 优缺点比较
- 固态硬盘(SSD)和机械硬盘(HDD)区别对比介绍
- 固态硬盘(SSD)和机械硬盘(HDD)区别对比介绍
- USB HDD
- HDD性质
- Macbook Pro(MBP)上固态硬盘SSD,光驱位装HDD
- HDD Regenerator Shell(硬盘再生器)的使用
- TryParse()方法的使用
- Apache2.4.x版wamp server让外网访问及启用.htaccess
- 简单的SSM框架应用的分页技术
- java接口
- Hibernate02关系
- HDD硬盘securityATAerase事故(HDD被LOCKED)
- 一步一步教你centos7.3搭建git server 2.14.1
- POJ
- 文本输入框的内边距设置
- undefined reference to symbol 'clock_gettime@@GLIBC_2.2.5'
- HDU 2089 不要62 (数位dp)
- 一个学习FreeBSD不错的中文网站
- 多态
- 最近也集成了QQ,微信第三方登录,一些坑总结都在这