# la partition en entier
sudo shred --iterations=1 --zero --random-source=/dev/urandom -fuv /dev/sdX0
# --iterations=N (-n): overwrite N+1 times instead of the default (3)
# --zero (-z): add a final overwrite with zeros to hide shredding
# --random-source=/dev/urandom : use entropy
# -f (--force): change permissions to allow writing if necessary
# -u: truncate and remove file after overwriting
# -v (--verbose): show progress

# juste un fichier
shred -fuzvn 0 fichier.ext
# -f, --force: change permissions to allow writing if necessary
# -n: overwrite N times instead of the default (3)
# -u, --remove[=HOW]: deallocate and remove file after overwriting
# HOW:
# unlink: use  a  standard  unlink call
# wipe: also first obfuscate bytes in the name
# wipesync: also sync each obfuscated byte to disk. Default mode, but can be expensive
# -v, --verbose: show progress
# -z, --zero: add a final overwrite with zeros to hide shredding

# srm fait partie du packet secure-delete
srm -llrv Dossier
# -d: ignore the two special dot files . and ..  on  the  commandline. (so you can execute it like "srm -d .* *")
# -f (fast): no /dev/urandom, no synchronize mode
# -l (lessens the security): Only two passes are written: one mode with 0xff and a final mode random values
# -ll (lessons the security even more): only one random pass is written
# -r (recursive): deletes all subdirectories
# -v (verbose)

# supprimer tous les fichiers avec shred
find Dossier -type f -print0 | xargs -0 -I file shred -fuvzn 0 file
# puis les dossiers avec srm
srm -llrv Dossier

# sfill fait partie du packet secure-delete
# créé un fichier sur la partition qui grossit jusqu'à remplir tout l'espace. Ainsi tous l'espace libre sera écrasé.
sfill -llv /media/mounted-partition
# -l (lessens the security): Only two passes are written: one mode with 0xff and a final mode random values
# -ll (lessons the security even more): only one random pass is written
# -v (verbose)

# Make sure the drive security is not frozen
sudo hdparm -I /dev/sdX
# Security: 
# 	Master password revision code = 65534
# 		supported
# 	not	enabled
# 	not	locked
# 		frozen  → PAS BON !
# 	not	expired: security count
# 		supported: enhanced erase
# 	2min for SECURITY ERASE UNIT. 8min for ENHANCED SECURITY ERASE UNIT.

# une mise en veille puis un réveil passe le disque en not frozen !

# définir un mot de passe, étape nécessaire pour le security-erase
sudo hdparm --user-master u --security-set-pass PasSWorD /dev/sdX

# vérifier que le Master password est enabled
sudo hdparm -I /dev/sdX

# lancer le security-erase
sudo hdparm --user-master u --security-erase PasSWorD /dev/sdX
# --security-erase-enhanced pour le ENHANCED SECURITY ERASE

# à la fin, le Master password devrait être not enabled
sudo hdparm -I /dev/sdX