[SOLVED] Synology "Secure Erase" Locks Drive (WDs unlocked / Seagate still locked)

Discussion in 'Hard Drives and Solid State Drives' started by Kristian, Apr 22, 2015.

  1. Kristian

    Kristian Active Member

    Joined:
    Jun 1, 2013
    Messages:
    344
    Likes Received:
    82
    When using the built in Synology "Secure Erase" on ALL of my drives (6x WD30EFRX and 1x ST3000DM01) , after encountering several filesystem errors, to start with clean wiped drives, I was trying to create a new volume out of the erased drives:

    Operation failed.

    What I found out is that synology drive erase locks the drives.

    So I used Putty for a SSH connection

    Code:
     cat /proc/diskstats 
    showed me a list of the disks available

    Code:
     hdparm -I /dev/sd<insert drive letter (sda, sdb etc)> 
    gave back the following

    Code:
    Security:
    Master password revision code = 65534
                   supported
                   enabled
                   locked
         not     frozen
         not     expired: security count
                   supported: enhanced erase
         Security level high
    Comparing the master password revision codes of the erased drive to a non-erased drive (same model), the code is the same and probably still factory default. Searching other forums reveal several common ATA factory passwords for the drives

    ---------------
    Solution (for those who are to lazy to read the whole post)
    Code:
    hdparm --security-disable synology /dev/sda
    ---------------

    Code:
    hdparm --user-master m --security-unlock WDCWDCWDCWDCWDCWDCWDCWDCWDCWDCW /dev/sd<insert drive letter (sda, sdb etc)>
    hdparm --user-master m --security-disable WDCWDCWDCWDCWDCWDCWDCWDCWDCWDCW /dev/sd<insert drive letter (sda, sdb etc)> 
    This worked for the WD drives. So they are working again as intended.

    For the Seagate drive:
    The Default Password should be Seatate + 25 Space (Pressing the Space Bar 25 times)
    For whatever reasons that is not working.

    HDD UNLOCK costs Money and the Trial does not Support my hd Controller (or I am to stupid getting this to work)
    Same with A*FF Repair Station and MHDD.
    Victoria isn't working either (couldn't get the Software to work in PIO mode)

    <Will try this evening if changing the BIOS Settings from AHCI to IDE / Legacy changes anything>


    Any other ideas that I could try this evening?
    @Chuckleb: As I have noticed in your cleaning out thread: you happen to have a Seagate Barracuda 3TB ST3000DM001:
    could you do a
    Code:
     hdparm -I /dev/<insert drive letter (sda, sdb etc) without "<"">">
    and post the Master Password Revision code?
    so I can check if the master Password should work or not? That would be really great.
     
    #1
    Last edited: May 5, 2015
    neoen likes this.
  2. neoen

    neoen New Member

    Joined:
    Apr 30, 2015
    Messages:
    7
    Likes Received:
    6
    Hi there ... I too managed to brick my seagate ST3000DM001 drives ... 4 of them actually. I just got off the phone with seagate and they said that to unlock the newer drives you have to know the password that was placed on them when it was locked. That is to say, they confirmed that they no longer have a master key password available to unlock a drive in the state we are seeing (I.E. Seagate with 25 spaces after it is not a thing on newer drives). So that means that we have to know the password that synology itself placed on it during the beginning of the wipe that failed otherwise we are SOL.

    I have a ticket in with synology now so we'll see what they have to say. Otherwise Seagate said all I can do is RMA the drives, which I'm ok with.

    I'll let you know how it goes.
     
    #2
    Kristian likes this.
  3. rubylaser

    rubylaser Active Member

    Joined:
    Jan 4, 2013
    Messages:
    842
    Likes Received:
    229
    If anyone is interested here is what the Master Code shows on one of my working ST3000DM001's. It's the same value as Kristian's locked drive.
    Code:
    hdparm -I /dev/sde | grep Master
    Master password revision code = 65534
    
     
    #3
    Kristian likes this.
  4. Kristian

    Kristian Active Member

    Joined:
    Jun 1, 2013
    Messages:
    344
    Likes Received:
    82
    Thank you that would be really fantastic.

    RMAing my drive is sadly not an option, because the warranty period ended in January :-/
     
    #4
    neoen likes this.
  5. neoen

    neoen New Member

    Joined:
    Apr 30, 2015
    Messages:
    7
    Likes Received:
    6
    I tried that master password rubylaser, no luck. Granted I only have about a 10% understanding of what I'm even doing. Does this look right?

    SSHed to my synology box

    Code:
    Synology> hdparm --user-master m --security-unlock 65334 /dev/sda
    That comes back as permission denied.
     
    #5
    Last edited: Apr 30, 2015
  6. Kristian

    Kristian Active Member

    Joined:
    Jun 1, 2013
    Messages:
    344
    Likes Received:
    82
    65334 is just a kind of a "checksum" if I remember that correctly
    65534 means that the master password is still factory default

    65534 is what all my drives are reporting back, no matter if locked or not.
    The value should change if you actually set a new master password.
    (Of course you can only set a new master password if you have the existing one)

    I am to afraid to do that on one of my working WDs where I have the master password because just like you I only understand half of what I am doing
     
    #6
    Last edited: Apr 30, 2015
    neoen likes this.
  7. neoen

    neoen New Member

    Joined:
    Apr 30, 2015
    Messages:
    7
    Likes Received:
    6
    Just wanted to post an update.

    I am getting a bit out of synology support but I'm not sure if they're going to be able to help me. I'd say that if you have not put in a ticket with them yet to go ahead and give it a shot. I am going to begin the RMA process for my drives today and cancel it if Synology can work some magic. The issue I'm facing right now is that I have 4 drives that are bricked and only 4 slots to work with. They want me to have all the drives in that were affected but if I do that then I kill the OS by taking out the only drive that has the OS on it, which is what caused this to begin with. Since you only have one bricked drive maybe they can work with that.

    We'll see, I'm emailing them back and forth right now.

    It would be nice for Synology to put a fail safe in that won't let you clean the last drive with an error that says something like "You can't do this until the other drives complete because it will completely wipe out the OS and cause the clean task to fail potentially bricking your hard drives"

    When I started the tasks I didn't really think about the fact that the OS lives on each drive and if you wipe all 4 it will freak out and die.

    Wish I had better news for you. I'll update again with how the Synology support ends up.
     
    #7
  8. Kristian

    Kristian Active Member

    Joined:
    Jun 1, 2013
    Messages:
    344
    Likes Received:
    82
    Thanks neoen,

    as I have no Synology device: just ran XPenology on a old PC to test if Synology devices are worth the money...

    Well I would say they are, if it wouldn't be for the issues we are facing
     
    #8
    Last edited: May 4, 2015
    neoen likes this.
  9. neoen

    neoen New Member

    Joined:
    Apr 30, 2015
    Messages:
    7
    Likes Received:
    6
    Ahh. I did the same thing before I bought the Synology device I ended up with. I love the device even though I could build a slightly more powerful machine for a little less cost. When it comes time to upgrade I will consider building my own but I do like not having to hack it.

    This may be your best bet - ATA security lock removal for seagate [Solved] ;) | my blag,my life,my linux

    I found that post when I was first looking into this, but my eyes crossed probably because it was 4am and really should have been sleeping and not trying to fix my bricked hard drives. It may be your best bet though. It looks to be some sort of hack to extract what the expected password is. Something I likely will not pursue since I can RMA all of my drives.

    Still nothing new from Synology.
     
    #9
    Kristian likes this.
  10. neoen

    neoen New Member

    Joined:
    Apr 30, 2015
    Messages:
    7
    Likes Received:
    6
    Wow, I'm impressed. Synology pulled it off. They SSHed in and unlocked all 4 drives, they all work now. I'm still going to return them and get some WD Reds I think but at least I can return functional drives :)

    So worst comes to worst you could set that drive aside and if/when you decided to purchase a Synology device you know that they can unlock it.

    I am going to try to weasel the solution out of them in a final email I just sent off, but they may keep that one close to their chest for security purposes. I'll report back here either way.
     
    #10
    Kristian and Marsh like this.
  11. neoen

    neoen New Member

    Joined:
    Apr 30, 2015
    Messages:
    7
    Likes Received:
    6
    Ok Kristian, got something for ya.

    Try the password 'synology' all lowercase. The hdparm they say to use is --security-disable with password synolgoy.

    So something along these lines

    Code:
    hdparm --security-disable synology /dev/sda
    Let us know if it works.

    -Neoen
     
    #11
    Kristian likes this.
  12. Kristian

    Kristian Active Member

    Joined:
    Jun 1, 2013
    Messages:
    344
    Likes Received:
    82
    You Sir are my hero for the day - no not the day, but the complete week!!!

    I can confirm: synology is working!

    Thank your very much!
     
    #12
    neoen likes this.
  13. neoen

    neoen New Member

    Joined:
    Apr 30, 2015
    Messages:
    7
    Likes Received:
    6
    Awesome! Good to hear. 3TB now usable again :)

    Now THIS is the post I would have liked to come across at 3am when I bricked all of my hard drives to begin with. Too bad google cant index posts from the future.
     
    #13
    Kristian likes this.
Similar Threads: [SOLVED] Synology
Forum Title Date
Hard Drives and Solid State Drives ironwolf vs wdred for synology nas Dec 5, 2018

Share This Page