Skip to main content

serase command

Use the serase command to securely and permanently erase the data of hard disk drives in the BMU mode.

Note

  • Using the standardized secure erase/sanitize commands applicable to the media-specific techniques, OneCLI supports to erase SATA/SAS/NVMe drives attached to the backplane, managed by a RAID controller, or connected with an HBA adapter.

  • Following are the erase methods:

    Erase methodsDescriptions
    Secure EraseWhen using Secure Erase/Block Erase/Enhanced Erase, a pre-defined pattern or default value(0 or 1) will be written on the user addressable area of the media.
    Block Erase
    Enhanced Erase
    Cryptographic EraseCryptographic Erase is applicable to SED or NVMe drive with media encryption key(MEK). The MEKs will be sanitized and make recovery of the decrypted Target Data infeasible.

  • By default, the onboard SATA disks are in the frozen status,so OneCLI cannot perform the secure erase on them. OneCLI will try to set the onboard SATA disks to the unfrozen status by changing the UEFI/XCC settings when booting the server to Maintenance OS. If the onboard SATA disks are still in frozen status, check if the UEFI version of the target server is the latest, and set the TPM jumper (physical presence jumper) to the asserted status on the server board. For more information about the system board jumpers, go to https://thinksystem.lenovofiles.com/help/index.jsp, select the target server model, and click Server components > System board jumpers.

serase command syntax

OneCli.exe misc serase <--bmc <userid:password@IP[:port]>> <--sftp user:password@IP[port][dir/]> <--dir <filePath>>
Table 1. serase command specific parameters
ParameterRequired/OptionalNotes

--bmc, -b

Required

Specify the access information of the target BMC.

The format is: user:password@host[:port].

--dir

Optional

Specify the path of the Maintenance OS boot file and the OneCLI package file.

--sftp

Required

Specify the SFTP connection information.

The format is: user:password@IP[:port][/directory/].

The address is used to upload the maintenance OS boot file and the OneCLI package file.

Example of the serase command

OneCli.exe serase –bmc USERID:PASSW0RD@xx.xx.xx.xx --sftp root:password@xx.xx.xx.xx --dir xxx
Note

Before running the serase command, users should run the following command to download necessary files for secure erase. For more information about secure erase, refer to Secure data deletion for all data storage devices.

OneCli.exe update acquire --platform --dir xxx