how to use dd command to erase the data in disk, such as hdisk2?

dd is pretty simple. Be sure to unmount anything on that disk before doing this:

dd if=/dev/zero of=/path/to/device bs=65536

Just to expand on what Corona688 has already said: i once read that some (military) paranoids don't stop here but erase disks several times (IIRC 7 times) with different hex values to make sure the overwritten bits can't be restored by some obscure means. If you want to do this prepare a stream with "0xFF"s quite like the "0x00"s from "/dev/zero" and use these two streams alternatingly to write the disk several times.

How often you do that is determined by your own level of paranoia. ;-))

I hope this helps.

bakunin

That's not paranoid at all. We have a policy that all retired media, working or not has to be shredded. We store them up and on request a specialist company turn up with a van and shredder. The maximum permitted size of the pieces is half a centimetre square. Each item has it's serial number confirmed before destruction.

It you are going to reuse the disk elsewhere, just a simple delete will be fine if you trust yourself not to go fishing in future. Plug it in to the next server and format it ready for use. Adding it into a volume group, raid set or whatever will splat over the VTOC information anyway and then each filesystem you build will create new superblocks anyway.


If you want the info on the shredder company let me know.



Robin

Shredding perfectly good disks is a waste of hardware and probably a warranty violation. I vaguely remember a warranty disagreement between Dell and the US military... They could hardly return the machines intact after they'd used them. They came to a rather Pyrrhic compromise: Dell got the drives back, but didn't get their platters!

It of course depends on your security standards but a simple dd if=/dev/zero of=/dev/disk will wreck the data badly enough that you'd need to hire cleanroom spacesuit people and their special machine to have any hope of retrieving it. With 7 overwrites, not even that.

The shred utility I mentioned earlier does that kind of destructive overwrite at the file level, on filesystems that support it, letting you securely delete a file without needing to reformat. Of course that's no guarantee there's nothing unwanted in unlinked sectors somewhere.

According to the 2006 NIST Guidelines for Media Sanitization, only one wipe of a disk using dd or dcfldd is necessary. See http://csrc.nist.gov/publications/ni...00-88_rev1.pdf.

hopefully these are local disks(SCSI/SSA). if it is SAN - it is still good to wipe the disks but you cannot truly know where the data is behind the scenes. you can also use the diag erase disk procedure.