root@ubuntu:~# hdparm -I /dev/sda
Security:
Master password revision code = 65534
supported
not enabled
locked
not frozen
not expired: security count
supported: enhanced erase
This output reveals several critical details about the SSD's security status:
- The drive implements ATA Security Mode feature set
- It's in a "locked" state but not "frozen"
- Enhanced erase is supported
- Master password revision code shows manufacturer defaults
The failed attempt shows a common pitfall when dealing with locked drives:
root@ubuntu:~# hdparm --user-master u --security-unlock 123456 /dev/sda
SECURITY_UNLOCK: Input/output error
This typically occurs when:
1. The password is incorrect
2. Maximum unlock attempts were reached
3. The drive's security implementation differs from standard ATA specs
Try this step-by-step approach:
# First check security status
sudo hdparm -I /dev/sda | grep -A10 Security
# If not frozen, attempt master password (common defaults: NULL, "password")
sudo hdparm --user-master m --security-unlock "" /dev/sda
# If that fails, try manufacturer-specific defaults
sudo hdparm --user-master m --security-unlock "0000" /dev/sda
sudo hdparm --user-master m --security-unlock "FFFF" /dev/sda
If unlocking isn't possible, consider these alternatives:
# Normal security erase (takes 2 minutes per drive info)
sudo hdparm --user-master m --security-erase "" /dev/sda
# Enhanced security erase (more thorough)
sudo hdparm --user-master m --security-erase-enhanced "" /dev/sda
Important notes:
- The drive must be in "not frozen" state
- Some SSDs may require specific power cycle procedures
- Always backup data first if possible
For the TX21B10400GE8001 model (likely OEM rebranded SSD):
- Try master passwords in all uppercase
- Some similar models respond to "SECURITY" as master password
- Manufacturer tools might be required for certain security modes
# Example of trying manufacturer pattern
for mpw in "MASTER" "SECURITY" "ADMIN" "PASSWORD"; do
echo "Trying $mpw";
sudo hdparm --user-master m --security-unlock "$mpw" /dev/sda;
done
When dealing with a password-protected SSD showing locked status in hdparm -I output, several key observations emerge:
Security:
Master password revision code = 65534
supported
not enabled
locked
not frozen
not expired: security count
supported: enhanced eraseVerify these essential parameters in your hdparm -I output:
- Security State: Must show "not frozen" (critical for any modifications)
- Enhanced Erase Support: Indicates hardware-level reset capability
- Time Estimates: 2min for both erase types suggests proper drive response
Here's the proper command sequence with error handling:
# Attempt unlock with user password (replace 123456 with your guess)
hdparm --user-master u --security-unlock 123456 /dev/sda
# If password unknown, proceed with master password reset
hdparm --user-master m --security-unlock NULL /dev/sdaWhen password recovery fails, the nuclear option is security erase:
# Step 1: Set temporary password (required for erase procedure)
hdparm --user-master u --security-set-pass EraseMe /dev/sda
# Step 2: Execute enhanced security erase (takes ~2min per your drive specs)
hdparm --user-master u --security-erase-enhanced EraseMe /dev/sda
# Monitor progress with:
watch -n 1 'hdparm -I /dev/sda | grep -A 4 "Security"'When encountering "Input/output error", try these workarounds:
# Cold reboot attempt (resets controller state)
hdparm --yes-i-know-what-i-am-doing --security-freeze /dev/sda
reboot
# Alternative security disable command
hdparm --user-master u --security-disable 123456 /dev/sdaFor SSD models like your TX21B10400GE8001:
- Check for vendor-specific utilities (e.g., Samsung Magician for Samsung SSDs)
- Some enterprise SSDs require physical jumper reset
- PRO6F515 firmware might respond better to security commands in legacy IDE mode