MarcT
April 12, 2017, 2:53pm
21
Have a read of this: https://linux.die.net/man/8/hdparm
An ATA drive can have two passwords, a USER password and a MASTER password. From looking at your screenshots above it appears only the USER password is set.
If you know the user password, go into the BIOS and try to change the password. Just press RETURN for the new password, which will usually result in the USER password being removed and the drive unlocked.
If you don't know the USER password, you may be able to set the MASTER password and then perform an "ATA Secure Erase". This will wipe the disk, but leave it unlocked at the end. See https://en.wikipedia.org/wiki/Parallel_ATA#HDD_passwords_and_security
Procedure for ATA secure erase:https://ata.wiki.kernel.org/index.php/ATA_Secure_Erase
1 Like
I cannot get fdisk to read the drive, so there's no really mount point for it, I don' think there is a master password in this BIOS, there's only user and supervisor and that's separate from hdd password.
I'm starting to think I should trash it to be honest.
MarcT
April 13, 2017, 12:07pm
23
You can set the drive master password using "hdparm" on Linux. You can then perform an "ATA Secure Erase" which will wipe the drive and remove the user password.
Uhh, how can I do that without even able to see it? There is no /dev/sdX on it, nothing.
MarcT
April 13, 2017, 3:20pm
25
Are you sure? Can you post output ofsudo lsblk -ato +serial
with the drives hooked up?
Edit: If you get nothing, try booting into Linux with the drive disconnected. Once Linux is up and running, connect the drive.
SATA is hot-pluggable (if running in AHCI mode). Check in the BIOS for the SATA mode.
sudo lsblk -ato +serial
sdg 0 512 0 512 512 1 cfq 128 128 0B 5VJ5CWQX
That's one of the drives as tested, however it still does not show up in fdisk nor gparted. Interesting that.
MarcT
April 18, 2017, 2:43pm
27
Ok - so now do:
hdparm -I /dev/sdg
and post the output. (NB: That's an uppercase i as the flag to hdparm. In some fonts it can look like an l or a 1).
/dev/sde:
ATA device, with non-removable media
Model Number: ST9500420AS
Serial Number: 5VJ5CWQX
Firmware Revision: 0003SDM1
Transport: Serial
Standards:
Used: unknown (minor revision code 0x0029)
Supported: 8 7 6 5
Likely used: 8
Configuration:
Logical max current
cylinders 16383 16383
heads 16 16
sectors/track 63 63
--
CHS current addressable sectors: 16514064
LBA user addressable sectors: 268435455
LBA48 user addressable sectors: 976773168
Logical/Physical Sector size: 512 bytes
device size with M = 1024*1024: 476940 MBytes
device size with M = 1000*1000: 500107 MBytes (500 GB)
cache/buffer size = 16384 KBytes
Nominal Media Rotation Rate: 7200
Capabilities:
LBA, IORDY(can be disabled)
Queue depth: 32
Standby timer values: spec'd by Standard, no device specific minimum
R/W multiple sector transfer: Max = 16 Current = 16
Advanced power management level: 128
Recommended acoustic management value: 208, current value: 0
DMA: mdma0 mdma1 mdma2 udma0 udma1 udma2 udma3 udma4 udma5 *udma6
Cycle time: min=120ns recommended=120ns
PIO: pio0 pio1 pio2 pio3 pio4
Cycle time: no flow control=120ns IORDY flow control=120ns
Commands/features:
Enabled Supported:
* SMART feature set
* Security Mode feature set
* Power Management feature set
* Write cache
* Look-ahead
* Host Protected Area feature set
* WRITE_BUFFER command
* READ_BUFFER command
* NOP cmd
* DOWNLOAD_MICROCODE
* Advanced Power Management feature set
SET_MAX security extension
Automatic Acoustic Management feature set
* 48-bit Address feature set
* Device Configuration Overlay feature set
* Mandatory FLUSH_CACHE
* FLUSH_CACHE_EXT
* SMART error logging
* SMART self-test
* General Purpose Logging feature set
* WRITE_{DMA|MULTIPLE}_FUA_EXT
* WRITE_DMA_QUEUED_FUA_EXT
* 64-bit World wide name
* IDLE_IMMEDIATE with UNLOAD
Write-Read-Verify feature set
* WRITE_UNCORRECTABLE_EXT command
* {READ,WRITE}_DMA_EXT_GPL commands
* Segmented DOWNLOAD_MICROCODE
* Gen1 signaling speed (1.5Gb/s)
* Gen2 signaling speed (3.0Gb/s)
* Native Command Queueing (NCQ)
* Host-initiated interface power management
* Phy event counters
Device-initiated interface power management
* Software settings preservation
* SMART Command Transport (SCT) feature set
* SCT Read/Write Long (AC1), obsolete
* SCT Write Same (AC2)
* SCT Error Recovery Control (AC3)
* SCT Features Control (AC4)
* SCT Data Tables (AC5)
unknown 206[12] (vendor specific)
Security:
Master password revision code = 65534
supported
enabled
locked
not frozen
not expired: security count
supported: enhanced erase
Security level high
100min for SECURITY ERASE UNIT. 100min for ENHANCED SECURITY ERASE UNIT.
Logical Unit WWN Device Identifier: 5000c50024aedb19
NAA : 5
IEEE OUI : 000c50
Unique ID : 024aedb19
Checksum: correct
It changed to sde since I plugged it back in. Am I out of luck here?
MarcT
April 19, 2017, 12:49pm
29
Looks good to me!
If you're happy to wipe the entire drive, try the following steps. I think this should work, but I don't have a locked drive here to test with. In the steps below replace X with the correct sd device (confirm with lsblk that the serial number matches the one you expect).
Set the drive master password to "Eins"
hdparm --user-master m --security-set-pass Eins /dev/X
...which should respond with something like:
security_password="Eins"
/dev/sdX:
Issuing SECURITY_SET_PASS command, password="Eins", user=master, mode=high
Then try:
Perform an ATA Secure Erase using the previously set master password:
time hdparm --user-master m --security-erase Eins /dev/X
...and approx 100mins later (according to your hdparm output) you should have a freshly wiped disk which is unlocked.
Repeat the hdparm -I /dev/sdX
command, and check it reports "not locked
" in the "Security:" section.
Will do, thanks again for helping me out with this, I was literally stumped. Fingers crossed!
UPDATE: I get this in the output for the first command:
security_password: "Eins"
/dev/sde:
Issuing SECURITY_SET_PASS command, password="Eins", user=master, mode=high
SECURITY_SET_PASS: Input/output error
Is this hardware failure?
MarcT
April 19, 2017, 1:21pm
31
Is the drive directly attached, or in a USB dock? Some USB docks cannot pass through the required ATA commands. What version of "hdparm" do you have? Run sudo dmesg | tail -50
and post the relevant logs
I use a USB dock, here's the log:
[13730.103172] sd 6:0:0:0: [sde] tag#0 CDB: Read(10) 28 00 00 00 00 00 00 00 08 00
[13730.103174] blk_update_request: critical medium error, dev sde, sector 0
[13730.103177] Buffer I/O error on dev sde, logical block 0, async page read
[13730.103188] ldm_validate_partition_table(): Disk read failed.
[13730.103871] sd 6:0:0:0: [sde] tag#0 FAILED Result: hostbyte=DID_OK driverbyte=DRIVER_SENSE
[13730.103873] sd 6:0:0:0: [sde] tag#0 Sense Key : Medium Error [current]
[13730.103874] sd 6:0:0:0: [sde] tag#0 Add. Sense: Unrecovered read error
[13730.103876] sd 6:0:0:0: [sde] tag#0 CDB: Read(10) 28 00 00 00 00 00 00 00 08 00
[13730.103877] blk_update_request: critical medium error, dev sde, sector 0
[13730.103878] Buffer I/O error on dev sde, logical block 0, async page read
[13730.104564] sd 6:0:0:0: [sde] tag#0 FAILED Result: hostbyte=DID_OK driverbyte=DRIVER_SENSE
[13730.104565] sd 6:0:0:0: [sde] tag#0 Sense Key : Medium Error [current]
[13730.104567] sd 6:0:0:0: [sde] tag#0 Add. Sense: Unrecovered read error
[13730.104568] sd 6:0:0:0: [sde] tag#0 CDB: Read(10) 28 00 00 00 00 00 00 00 08 00
[13730.104569] blk_update_request: critical medium error, dev sde, sector 0
[13730.104570] Buffer I/O error on dev sde, logical block 0, async page read
[13730.105237] sd 6:0:0:0: [sde] tag#0 FAILED Result: hostbyte=DID_OK driverbyte=DRIVER_SENSE
[13730.105238] sd 6:0:0:0: [sde] tag#0 Sense Key : Medium Error [current]
[13730.105239] sd 6:0:0:0: [sde] tag#0 Add. Sense: Unrecovered read error
[13730.105240] sd 6:0:0:0: [sde] tag#0 CDB: Read(10) 28 00 00 00 00 00 00 00 08 00
[13730.105241] blk_update_request: critical medium error, dev sde, sector 0
[13730.105242] Buffer I/O error on dev sde, logical block 0, async page read
[13730.105933] sd 6:0:0:0: [sde] tag#0 FAILED Result: hostbyte=DID_OK driverbyte=DRIVER_SENSE
[13730.105935] sd 6:0:0:0: [sde] tag#0 Sense Key : Medium Error [current]
[13730.105936] sd 6:0:0:0: [sde] tag#0 Add. Sense: Unrecovered read error
[13730.105937] sd 6:0:0:0: [sde] tag#0 CDB: Read(10) 28 00 00 00 00 00 00 00 08 00
[13730.105938] blk_update_request: critical medium error, dev sde, sector 0
[13730.105939] Buffer I/O error on dev sde, logical block 0, async page read
[13730.105944] Dev sde: unable to read RDB block 0
[13730.106617] sd 6:0:0:0: [sde] tag#0 FAILED Result: hostbyte=DID_OK driverbyte=DRIVER_SENSE
[13730.106619] sd 6:0:0:0: [sde] tag#0 Sense Key : Medium Error [current]
[13730.106620] sd 6:0:0:0: [sde] tag#0 Add. Sense: Unrecovered read error
[13730.106622] sd 6:0:0:0: [sde] tag#0 CDB: Read(10) 28 00 00 00 00 00 00 00 08 00
[13730.106623] blk_update_request: critical medium error, dev sde, sector 0
[13730.106625] Buffer I/O error on dev sde, logical block 0, async page read
[13730.107298] sd 6:0:0:0: [sde] tag#0 FAILED Result: hostbyte=DID_OK driverbyte=DRIVER_SENSE
[13730.107299] sd 6:0:0:0: [sde] tag#0 Sense Key : Medium Error [current]
[13730.107300] sd 6:0:0:0: [sde] tag#0 Add. Sense: Unrecovered read error
[13730.107302] sd 6:0:0:0: [sde] tag#0 CDB: Read(10) 28 00 00 00 00 00 00 00 08 00
[13730.107303] blk_update_request: critical medium error, dev sde, sector 0
[13730.107304] Buffer I/O error on dev sde, logical block 0, async page read
[13730.107310] sde: unable to read partition table
[13730.108156] sd 6:0:0:0: [sde] Attached SCSI disk
[13730.114207] sd 6:0:0:0: [sde] tag#0 FAILED Result: hostbyte=DID_OK driverbyte=DRIVER_SENSE
[13730.114210] sd 6:0:0:0: [sde] tag#0 Sense Key : Medium Error [current]
[13730.114211] sd 6:0:0:0: [sde] tag#0 Add. Sense: Unrecovered read error
[13730.114213] sd 6:0:0:0: [sde] tag#0 CDB: Read(10) 28 00 3a 38 5f 80 00 00 08 00
[13730.114215] blk_update_request: critical medium error, dev sde, sector 976772992
[13730.114981] Buffer I/O error on dev sde, logical block 122096624, async page read
I'm guessing I'll have to directly connect it via sata? hdparm
version: 9.48
MarcT
April 19, 2017, 2:18pm
33
Yep - it might be the USB dock. I've had problems with some in the past. I use an eSATA external dock to avoid USB completely.
One quick thing to try first is the default Seagate master password. You may be able to unlock the drive like this:
hdparm --user-master m --security-unlock "Seagate " /dev/sdX
...that's Seagate followed by 25 spaces (32bytes total). The forum won't display the repeated spaces!
EDIT: hdparm version 9.48 should be OK. It's what I have here.
Here's the output:
/dev/sdd
security_password: "Seagate "
/dev/sdd:
Issuing SECURITY_UNLOCK command, password="Seagate ", user=master
SG_IO: bad/missing sense data, sb[]: 70 00 05 00 00 00 00 0a 04 51 40 00 21 04 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
The same goes for Eins. I found this if it's any help: https://superuser.com/questions/642637/harddrive-wipe-out-hidden-areas-like-hpa-and-dco-also-after-malware-infectio
MarcT
April 19, 2017, 2:36pm
35
Try connecting directly via SATA. It takes the USB to SATA bridge out of the equation.
You might find the BIOS "freezes" the drive on boot (which will be seen in the hdparm -I
output), in which case boot into Linux with the drive data cable disconnected then plug it in once it has booted.
I've been hotswapping via SATA, will reboot if thats the problem.
Here's the information for the second drive:
/dev/sdd:
ATA device, with non-removable media
Model Number: FUJITSU MHZ2400BT G1
Serial Number: K709T86258JS
Firmware Revision: 0040020C
Transport: Serial, ATA8-AST, SATA 1.0a, SATA II Extensions, SATA Rev 2.5; Revision: ATA8-AST T13 Project D1697 Revision 0b
Standards:
Used: ATA-8-ACS revision 3c
Supported: 8 7 6 5
Configuration:
Logical max current
cylinders 16383 16383
heads 16 16
sectors/track 63 63
--
CHS current addressable sectors: 16514064
LBA user addressable sectors: 268435455
LBA48 user addressable sectors: 781422768
Logical Sector size: 512 bytes
Physical Sector size: 512 bytes
device size with M = 1024*1024: 381554 MBytes
device size with M = 1000*1000: 400088 MBytes (400 GB)
cache/buffer size = 8192 KBytes (type=DualPortCache)
Capabilities:
LBA, IORDY(can be disabled)
Queue depth: 32
Standby timer values: spec'd by Standard, no device specific minimum
R/W multiple sector transfer: Max = 16 Current = 16
Advanced power management level: 128
Recommended acoustic management value: 254, current value: 254
DMA: mdma0 mdma1 mdma2 udma0 udma1 udma2 udma3 udma4 *udma5
Cycle time: min=120ns recommended=120ns
PIO: pio0 pio1 pio2 pio3 pio4
Cycle time: no flow control=120ns IORDY flow control=120ns
Commands/features:
Enabled Supported:
* SMART feature set
* Security Mode feature set
* Power Management feature set
* Write cache
* Look-ahead
* Host Protected Area feature set
* WRITE_BUFFER command
* READ_BUFFER command
* DOWNLOAD_MICROCODE
* Advanced Power Management feature set
SET_MAX security extension
* Automatic Acoustic Management feature set
* 48-bit Address feature set
* Device Configuration Overlay feature set
* Mandatory FLUSH_CACHE
* FLUSH_CACHE_EXT
* SMART error logging
* SMART self-test
* General Purpose Logging feature set
* WRITE_{DMA|MULTIPLE}_FUA_EXT
* 64-bit World wide name
* IDLE_IMMEDIATE with UNLOAD
Disable Data Transfer After Error Detection
* WRITE_UNCORRECTABLE_EXT command
* {READ,WRITE}_DMA_EXT_GPL commands
* Segmented DOWNLOAD_MICROCODE
* Gen1 signaling speed (1.5Gb/s)
* Native Command Queueing (NCQ)
* Host-initiated interface power management
* Phy event counters
* DMA Setup Auto-Activate optimization
Device-initiated interface power management
* Software settings preservation
* SMART Command Transport (SCT) feature set
* SCT Write Same (AC2)
* SCT Error Recovery Control (AC3)
* SCT Features Control (AC4)
* SCT Data Tables (AC5)
Security:
Master password revision code = 65534
supported
enabled
locked
not frozen
not expired: security count
not supported: enhanced erase
Security level high
400min for SECURITY ERASE UNIT.
Logical Unit WWN Device Identifier: 500000e04247a427
NAA : 5
IEEE OUI : 00000e
Unique ID : 04247a427
Checksum: correct
A dmesg | tail -50
[19616.683102] ata4.00: cmd 25/00:08:00:90:93/00:00:2e:00:00/e0 tag 16 dma 4096 in
res 51/04:08:00:90:93/00:00:2e:00:00/e0 Emask 0x1 (device error)
[19616.683104] ata4.00: status: { DRDY ERR }
[19616.683106] ata4.00: error: { ABRT }
[19616.684538] ata4.00: configured for UDMA/100
[19616.684561] ata4: EH complete
[19616.695088] ata4.00: exception Emask 0x0 SAct 0x0 SErr 0x0 action 0x0
[19616.695091] ata4.00: irq_stat 0x40000001
[19616.695093] ata4.00: failed command: READ DMA EXT
[19616.695096] ata4.00: cmd 25/00:08:00:90:93/00:00:2e:00:00/e0 tag 14 dma 4096 in
res 51/04:08:00:90:93/00:00:2e:00:00/e0 Emask 0x1 (device error)
[19616.695098] ata4.00: status: { DRDY ERR }
[19616.695099] ata4.00: error: { ABRT }
[19616.696389] ata4.00: configured for UDMA/100
[19616.696410] ata4: EH complete
[19616.707119] ata4.00: exception Emask 0x0 SAct 0x0 SErr 0x0 action 0x0
[19616.707122] ata4.00: irq_stat 0x40000001
[19616.707124] ata4.00: failed command: READ DMA EXT
[19616.707129] ata4.00: cmd 25/00:08:00:90:93/00:00:2e:00:00/e0 tag 0 dma 4096 in
res 51/04:08:00:90:93/00:00:2e:00:00/e0 Emask 0x1 (device error)
[19616.707131] ata4.00: status: { DRDY ERR }
[19616.707132] ata4.00: error: { ABRT }
[19616.708450] ata4.00: configured for UDMA/100
[19616.708458] ata4: EH complete
[19616.719115] ata4.00: exception Emask 0x0 SAct 0x0 SErr 0x0 action 0x0
[19616.719118] ata4.00: irq_stat 0x40000001
[19616.719120] ata4.00: failed command: READ DMA EXT
[19616.719125] ata4.00: cmd 25/00:08:00:90:93/00:00:2e:00:00/e0 tag 17 dma 4096 in
res 51/04:08:00:90:93/00:00:2e:00:00/e0 Emask 0x1 (device error)
[19616.719127] ata4.00: status: { DRDY ERR }
[19616.719129] ata4.00: error: { ABRT }
[19616.720385] ata4.00: configured for UDMA/100
[19616.720394] ata4: EH complete
[19616.731054] ata4.00: exception Emask 0x0 SAct 0x0 SErr 0x0 action 0x0
[19616.731057] ata4.00: irq_stat 0x40000001
[19616.731059] ata4.00: failed command: READ DMA EXT
[19616.731064] ata4.00: cmd 25/00:08:00:90:93/00:00:2e:00:00/e0 tag 3 dma 4096 in
res 51/04:08:00:90:93/00:00:2e:00:00/e0 Emask 0x1 (device error)
[19616.731066] ata4.00: status: { DRDY ERR }
[19616.731067] ata4.00: error: { ABRT }
[19616.732462] ata4.00: configured for UDMA/100
[19616.732470] Buffer I/O error on dev sdd, logical block 97677824, async page read
[19616.732481] ata4: EH complete
[19617.580018] ata3: SATA link up 3.0 Gbps (SStatus 123 SControl 300)
[19617.580472] ACPI Error: [DSSP] Namespace lookup failure, AE_NOT_FOUND (20160930/psargs-359)
[19617.580477] ACPI Error: Method parse/execution failed [\_SB.PCI0.SAT0.SPT2._GTF] (Node ffff9633d68cd0c8), AE_NOT_FOUND (20160930/psparse-543)
[19617.693182] ACPI Error: [DSSP] Namespace lookup failure, AE_NOT_FOUND (20160930/psargs-359)
[19617.693188] ACPI Error: Method parse/execution failed [\_SB.PCI0.SAT0.SPT2._GTF] (Node ffff9633d68cd0c8), AE_NOT_FOUND (20160930/psparse-543)
[19617.693326] ata3.00: configured for UDMA/133
[19617.693328] ata3: EH complete
MarcT
April 19, 2017, 3:19pm
37
What I mean is don't use the USB dock. The "SG_IO: bad/missing sense data" is a known symptom of using a USB dock. You will need to connect the drive directly to a motherboard SATA port, or to an external eSATA dock. Some drive docks have both USB and eSATA ports, so you might just need an eSATA cable if your PC and dock have eSATA ports.
I wouldn't mess with the HPA and DCO options in hdparm right now. They're not needed for this issue and could brick the drives.
Anyhow, the Fujitsu default master password is 32 spaces. Try unlocking that one once its hooked up directly.
I'm going to be at work for a few hours now, so probably won't be able to reply for a while. Hopefully there's a few suggestions and things to try.
After what you said:
I switched to SATA:
I hope this clears a misunderstanding, tried the 32 spaces password on the fujitsu, that had the same error. Also when I try to boot with the drives, the system loops.
MarcT
April 21, 2017, 12:42am
39
Ok - I found an old dead Seagate drive and will do some testing here.
Eden
April 21, 2017, 1:31am
40
Read the output of hdparm. The lack of not
means it's set. The HDD is locked and has a password set (locked and enabled). You won't be able to do anything with it until you deal with this.
You need to remove the password in the bios first for the HDD.