Browse Tag: aes

Erasing hard disks fast & securely with OpenSSL

Erasing & overwriting disks with dd can take a very long time, both with /dev/null and /dev/urandom. Most modern CPUs are capable of AES-NI, accelerating cryptographic operations while reducing system load dramatically. That’s why I’m using OpenSSL to erase my disk drives. The advantages are clear – encrypted pseudorandom data output and maximum I/O throughput. Studies have shown that one wipe is sufficient on magnetic HDDs.

 

openssl enc -aes-256-ctr -pass pass:"$(dd if=/dev/urandom bs=128 count=1 </dev/null | base64)" -nosalt </dev/zero | pv --progress --eta --rate --bytes | dd of=/dev/sdX

 

Replace sdX with the target drive. Make sure pv is installed before executing. OpenSSL is encrypting /dev/zero with a randomized password of /dev/urandom. You should see a progress bar & ETA.