Securely Erasing a TrueNAS X-10 Storage Appliance with GRML and nwipe
In 2018 shortly after starting my post college career I had the task of securely erasing a TrueNAS X-10 storage appliance. Normally, erasing a storage appliance wouldn’t be difficult. In this case though it was more of a challenge. The X-10 is a headless appliance and we didn’t have any spare servers with RAID controllers compatible with the drives. I am finally posting the process I followed in the hope that others will find it as useful as I did.
- Black TrueNAS X-10 3.5mm serial to USB2.0 cable
- Linux system with serial console emulator installed
- GRML 2017.05 x64 full live USB from http://archive.grml.org/grml64-full_2017.05.iso
Power off the TrueNAS X-10 appliance.
Connect the 3.5mm end of the serial cable to port 10 in the image above. Connect the USB end to your console machine.
Connect the GRML live USB to the open USB port(labeled 4 in the image above) on the back of the NAS.
Remove the recovery drive from the USB port labeled 3 in the image above.
Set the serial console connection settings to the following and open the connection.
- Serial line:
- Speed: 115200
- Data bits: 8
- Stop bits: 1
- Parity: None
- Flow Control: None
- Serial line:
Power on the TrueNAS X-10 appliance.
ESM A=\>prompt to change the console from SCSI Enclosure Services mode to standard x86 console mode.
Entertwice to make the change stick.
After a few minutes you should see the beginning of
POST. If you do not, poweroff and power on the TrueNAS X-10 appliance while the connection is still active.
When the beginning of POST is visible, hit
DELto enter the BIOS setup.
Navigate to the IntelRC tab and enter the PCH config.
a. Enter the USB Configuration and change USB per port disable to
Navigate to the boot tab and change the boot order to boot from the GRML live USB drive first. Save the changes and exit.
Reboot the NAS with the serial cable still connected.
The GRML boot menu will appear. Select the
toramat the end and hit
Ctrl + xto boot.
Close the serial console session and relaunch it with the settings below.
- Serial line: `/dev/ttyUSB0` - Speed: 9600 - Data bits: 8 - Stop bits: 1 - Parity: None - Flow Control: XON/XOFF
The boot messages of the system should scroll up the screen.
Once the system has finished booting you should be at a shell prompt.
nwipeat the prompt and hit
Proceed as you would with DBAN on any other system.