serase command
Use the serase command to securely and permanently erase the data of hard disk drives in the BMU mode.
Using the standardized secure erase/sanitize commands applicable to the media-specific techniques, OneCLI supports to erase SATA/SAS/NVMe drives attached to the backplane, managed by a RAID controller, or connected with an HBA adapter.
Following are the erase methods:
Erase methods Descriptions Secure Erase When using Secure Erase/Block Erase/Enhanced Erase, a pre-defined pattern or default value(0 or 1) will be written on the user addressable area of the media. Block Erase Enhanced Erase Cryptographic Erase Cryptographic Erase is applicable to SED or NVMe drive with media encryption key(MEK). The MEKs will be sanitized and make recovery of the decrypted Target Data infeasible. By default, the onboard SATA disks are in the frozen status,so OneCLI cannot perform the secure erase on them. OneCLI will try to set the onboard SATA disks to the unfrozen status by changing the UEFI/XCC settings when booting the server to Maintenance OS. If the onboard SATA disks are still in frozen status, check if the UEFI version of the target server is the latest, and set the TPM jumper (physical presence jumper) to the asserted status on the server board. For more information about the system board jumpers, go to https://thinksystem.lenovofiles.com/help/index.jsp, select the target server model, and click .
serase command syntax
OneCli.exe misc serase <--bmc <userid:password@IP[:port]>> <--sftp user:password@IP[port][dir/]> <--dir <filePath>>
Parameter | Required/Optional | Notes |
---|---|---|
--bmc, -b | Required | Specify the access information of the target BMC. The format is: user:password@host[:port]. |
--dir | Optional | Specify the path of the Maintenance OS boot file and the OneCLI package file. |
--sftp | Required | Specify the SFTP connection information. The format is: user:password@IP[:port][/directory/]. The address is used to upload the maintenance OS boot file and the OneCLI package file. |
Example of the serase command
OneCli.exe serase –bmc USERID:PASSW0RD@xx.xx.xx.xx --sftp root:password@xx.xx.xx.xx --dir xxx
Before running the serase command, users should run the following command to download necessary files for secure erase. For more information about secure erase, refer to Secure data deletion for all data storage devices.
OneCli.exe update acquire --platform --dir xxx