How to Secure Erase Synology DSM FVE Drives

My old post on wiping retired Synology drives covered most use cases, with two big caveats: one, Synology has since introduced full volume encryption (FVE) on DSM, and two, the FVE implementation on DSM does not guarantee clean disposal. I will get into the details in the tangent below, but the short version is that DSM does not encrypt the whole drive; it still leaves a small system area in plaintext. Paired with the unit itself, that area is a significant risk vector.

For this particular post, I am assuming we are disposing of drives that are encrypted with DSM’s FVE. Flaws aside, there is no reason not to encrypt the drives: should a mechanical drive suddenly fail, the data on it remains protected as long as the main unit does not end up in the same landfill.

First, we need to identify the drive in question. Connect it over USB, and run the following command:

lsblk -o NAME,SIZE,TRAN,MODEL

Once done, we need the paths of the partitions that are not encrypted. Replace /dev/sdX with the drive you identified above; if it is the only device connected over USB, it will likely be that one.

sudo fdisk -l /dev/sdX

And then finally, we zero out the system partitions (two of them, around 10 GB total). The large partition matching the drive’s capacity is the encrypted data volume, so we leave it alone. In my case, the system partitions were /dev/sda1 and /dev/sda2. Run the command once per partition; dd will exit with an error saying it reached the end of the device (“No space left on device”), which is expected.

sudo dd if=/dev/zero bs=4M status=progress conv=fsync of=/dev/sdXN

Because the actual data is still encrypted per spec, we no longer need a full zero or random pass over the whole disk. Zeroing out roughly 10 GB on an HDD should not take long compared to a pass over the full multi-TB capacity.
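As an added example (not from the original post, and not Synology's tooling), here are the three manual steps above as one script. It lists the drive's partitions in bytes with lsblk, assumes, as the post does, that the single largest partition is the FVE-encrypted data volume and skips it, zeroes each remaining system partition with a byte count bounded by blockdev --getsize64, and reads each one back to confirm it is all zeros before the drive leaves your hands. The partition-selection heuristic, the regular-file fallback (there so the functions can be exercised on a scratch file) and the script name wipe_dsm_system.sh are my assumptions.

```shell
#!/bin/sh
# Added example, not from the original post. Wipes only the small DSM system
# partitions of a retired FVE-encrypted drive and verifies each one reads back
# as zeros. Assumptions (mine, not Synology's): util-linux lsblk/blockdev are
# available, and the single largest partition is the encrypted data volume.

# select_wipe_targets: stdin is "<path> <size_bytes>" lines, one per
# partition; stdout is every path except the single largest partition,
# in the original order.
select_wipe_targets() {
  list=$(cat)
  largest=$(printf '%s\n' "$list" | sort -k2,2n | tail -n 1 | awk '{ print $1 }')
  printf '%s\n' "$list" | awk -v skip="$largest" '$1 != skip { print $1 }'
}

# target_size: byte length of a block device, or of a regular file so the
# same functions can be exercised against a scratch file.
target_size() {
  if [ -b "$1" ]; then
    blockdev --getsize64 "$1"
  else
    wc -c < "$1" | tr -d ' '
  fi
}

# zero_target: stream exactly target_size bytes of zeros into the target.
# conv=fsync forces the data to media before dd exits; conv=notrunc keeps a
# regular scratch file at its original length. Bounding the byte count avoids
# the "No space left on device" exit the post describes as expected.
zero_target() {
  size=$(target_size "$1") || return 1
  head -c "$size" /dev/zero | dd of="$1" bs=4M conv=fsync,notrunc
}

# verify_zeroed: compare the whole target byte-for-byte against zeros.
verify_zeroed() {
  size=$(target_size "$1") || return 1
  head -c "$size" /dev/zero | cmp -s - "$1"
}

# wipe_system_partitions: list the drive's partitions in bytes (the first
# line is the whole disk and is dropped), skip the encrypted data volume,
# then zero and verify each remaining partition.
wipe_system_partitions() {
  lsblk -b -n -r -p -o NAME,SIZE "$1" | tail -n +2 | select_wipe_targets |
    while read -r part; do
      printf 'zeroing %s\n' "$part"
      if zero_target "$part" && verify_zeroed "$part"; then
        printf 'verified all-zero: %s\n' "$part"
      else
        printf 'FAILED: %s\n' "$part" >&2
        return 1
      fi
    done
}

# Usage: sh wipe_dsm_system.sh /dev/sdX   (the whole drive, not a partition)
if [ "$#" -eq 1 ]; then
  wipe_system_partitions "$1"
fi
```

The read-back check is the part worth keeping even if you prefer to run dd by hand: a wipe that was never verified is a wipe you are taking on faith, and on a drive whose plaintext area holds the key vault that faith is misplaced. If two partitions tie for largest, the heuristic skips both; compare the selection against the fdisk output before running it.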

The vulnerability discovered on DSM comes largely from Synology’s odd obsession with a hand-holding tool, the Encryption Key Vault, which is designed to do two things: hold the randomly generated FVE keys, and let DSM automatically mount the drives on boot. The latter is the known vulnerability. So long as the user sets a long password for the vault, it serves as a good key manager. However, to automate mounting, Synology added a secondary key (a machine key) that unlocks the vault on boot. The vault lives in that 10 GB system area, so zeroing that area destroys the vault, and with it the path from the machine key to the volume keys, thereby stopping the potential cascading failure.

The tangent to the tangent is KMIP on DSM. Synology has not published a spec on DSM’s behavior when a user opts for KMIP instead of the local key vault. The desirable outcome is that the local key vault is simply discarded; however, as far as I know, Synology has made no guarantee of that. In all honesty, it is bizarre that Synology offers no ‘boot with no volumes mounted’ option (available for shared folder encryption), and does not simply offer secure auto-mount on models with a proper TPM. It is an odd hill to die on.
