Since a couple of versions, vSphere comes with an erase function in the GUI. This function deletes all partitions to reuse disks with vSAN for example. However, data is not overwritten and can be restored.
If you want to sell disks or make sure that all data is deleted, you have to overwrite all blocks. In ESXi, this can be done from the console.
# dd if=/dev/zero of=/dev/disks/t10.NVMe_Samsung_SSD_960_EVO conv=notrunc
The conv=notrunc option is required or the commandf fails with the following error message:
# dd if=/dev/zero of=/dev/disks/t10.NVMe_Samsung_SSD_960_EVO dd: can't open '/dev/disks/t10.NVMe_Samsung_SSD_960_EVO': Function not implemented
If you want to verify that there is no data left on the device, use the od command. The following example is from a disk that contains valid partitions and data:
# od -b /dev/disks/t10.NVMe_Samsung_SSD_960_EVO -N 1000 -v 0000000 372 061 300 216 330 216 320 274 000 174 211 346 006 127 216 300 0000020 373 374 277 000 006 271 000 001 363 245 352 037 006 000 000 122 0000040 122 264 101 273 252 125 061 311 060 366 371 315 023 162 023 201 0000060 373 125 252 165 015 321 351 163 011 146 307 006 107 007 264 102 0000100 353 023 132 264 010 315 023 203 341 077 211 345 121 017 266 306 0000120 100 367 341 122 120 146 061 300 146 231 100 273 000 174 123 350
An empty disk should look like this. The output is omitted the * indicates that there a duplicate line, which means all data on the drive is zero.
# od /dev/disks/t10.NVMe____Samsung_SSD_950_PRO 0000000 000000 000000 000000 000000 000000 000000 000000 000000 *
HPE Gen 8 or later
HPE Gen 8 or later Raid Controllers have a Secure Erase feature that allows Industry-standard disk sanitation. It's important to know that erasing SSDs and HDDs isn't the same. Magnetic HDDs can be erased by overwriting every sector. This method is slow and not sufficient for SSDs because they are typically overprovisioned (by having more cells as exposed) which makes it impossible to erase all data. To overcome this issue, the “Security Erase Unit” command has been introduced. The command tells the SSD to apply a voltage spike to all available NAND cells and thus resetting every available block in one operation. More information about HP Secure Erase can be found here.
Secure Erase can be used from the ESXi console with ssacli when the HPUtil bundle is installed. Either use the HPE-Customized bundle or install it from the HPE Vibs Depot.
Show all available Disks
# /opt/smartstorageadmin/ssacli/bin/ssacli ctrl all show config
Smart Array P440ar in Slot 0 (Embedded)
Unassigned
physicaldrive 1I:1:1 (port 1I:box 1:bay 1, SATA HDD, 4 TB, OK)
physicaldrive 1I:1:2 (port 1I:box 1:bay 2, SATA HDD, 4 TB, OK)
physicaldrive 1I:1:3 (port 1I:box 1:bay 3, SATA SSD, 400 GB, OK)
physicaldrive 1I:1:4 (port 1I:box 1:bay 4, SATA SSD, 400 GB, OK)
Verify that "Sanitize Erase" is supported. This command will also display the estimated time to complete. Thanks to the "Secure Erase Unit" command, deleting SSDs only takes a minute.
# /opt/smartstorageadmin/ssacli/bin/ssacli ctrl slot=0 pd 1I:1:1 show |grep -i 'physicaldrive\|Sanitize'
physicaldrive 1I:1:1
Sanitize Erase Supported: True
Sanitize Estimated Max Erase Time: 8 hour(s)14 minute(s)
# /opt/smartstorageadmin/ssacli/bin/ssacli ctrl slot=0 pd 1I:1:3 show |grep -i 'physicaldrive\|Sanitize'
physicaldrive 1I:1:3
Sanitize Erase Supported: True
Sanitize Estimated Max Erase Time: 2 minute(s) 0 second(s)
Unrestricted Sanitize Supported: TrueStart the erase process for HDD (erasepattern=overwrite)
# /opt/smartstorageadmin/ssacli/bin/ssacli ctrl slot=0 pd 1I:1:1 modify erase erasepattern=overwrite unrestricted=off forced
Start the erase process for SSD (erasepattern=block)
# /opt/smartstorageadmin/ssacli/bin/ssacli ctrl slot=0 pd 1I:1:1 modify erase erasepattern=block unrestricted=off forced
Check the progress
# /opt/smartstorageadmin/ssacli/bin/ssacli ctrl all show config |grep "1I:1:1"
physicaldrive 1I:1:1 (port 1I:box 1:bay 1, SATA HDD, 4 TB, Erase In Progress)
# /opt/smartstorageadmin/ssacli/bin/ssacli ctrl all show config |grep "1I:1:1"
physicaldrive 1I:1:1 (port 1I:box 1:bay 1, SATA HDD, 4 TB, Erase Complete. Reenable Before Using.)
When the erase process is completed, the disk needs to be re-enabled
# /opt/smartstorageadmin/ssacli/bin/ssacli ctrl slot=0 pd 1I:1:1 modify enableeraseddrive
Hello, I read Your posts from time to time.
I also manage such hosts, but on older versions.
I'm really not sure is zeroing enough for HDDs. I always do dd from /dev/urandom to overwrite sensitive data. Can it be done under ESXi?
You can't restore any data after zeroing, it's urban myth.
Not true. Anyone with enough time can recover a simple zero'd drive. You basically just need a DSP to look at the small variances in the signal from a zero'd location. It isn't easy, but it isn't impossible.
This is precisely why physical destruction is the only option with some drives due to the sensitivity of the data contained.
This is only true for older small drives. For todays large drives this isn't an issue and zeroing is enough. Although you can use /dev/urandom in ESXi if you wish.
Hello, I have a HP Smart Array P410i. And when I do this:
ssacli ctrl slot=0 pd 1I:1:1 show |grep -i 'physicaldrive\|Sanitize'
I get the following:
physicaldrive 1I:1:3
Sanitize Erase Supported: False
Unrestricted Sanitize Supported: False
So, since, I don't have sanitize erase support, is there any other way I can erase the disk?