Skip to content

Instantly share code, notes, and snippets.

@KenMacD

KenMacD/rekey.md

Last active October 21, 2015 15:22
Show Gist options
  • Save KenMacD/be9cbc39633c08966f9b to your computer and use it in GitHub Desktop.
Save KenMacD/be9cbc39633c08966f9b to your computer and use it in GitHub Desktop.
Download ZIP
How to set a new crypto key on your My Passport drive in Linux.
Raw
rekey.md

###Disclaimer: All risk is your own. In the best case this will erase everything on the disk forever.

Requirements

  • Make sure you want to wipe the drive.
  • Check that the sg_raw command works.
  • You'll likely have to run these as root or with sudo.
  • This should be done on a ramdisk to key data is left behind.
  • WD drive must be plugged in, and you must know the scsi device (check dmsg)

Generate new random key data

Create a file with true random bytes:

echo -ne "\x45\x00\x00\x01\x20\x00\x01\x00" >reset.bin
dd if=/dev/urandom bs=1 count=32 >>reset.bin

Check the drive status

# sg_raw -r 32 /dev/DEV c0 45 00 00 00 00 00 00 30

You should get back something like

Received 18 bytes of data:
 00     45 00 00 00 20 00 00 20  9b 05 ba 4b 00 00 00 02    E... .. ...K....
 10     10 20

Notice the bytes 9b 05 ba 4b. Find which of your bytes fit here, you'll need them later. If you did not get a reply that started with 45 from the drive then something is wrong and do not continue.

Reset the drive

Place your bytes above over the XX bytes in the command: # sg_raw -i reset.bin -s 40 /dev/DEV c1 e3 XX XX XX XX 00 00 28

You should receive SCSI Status: Good. If so then they key is now changed, simply unplug the drive. If you had data on with the default key you may now want to zero the disk.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment