SecureErase (Category 4 - DoE 3 - Pass Secure Erase) Macintosh HD - in Terminal app

iMac -2012 - MacOS Catalina

I want to secure-erase my entire HD, not just the free space. The end goal is to sell my computer.


I entered all of the required information into terminal to activate a category 4 secure erase.

After hitting the enter key, a line appears stating: "Ownership of the affected disk is required."


My question: What ownership information is required to activate the category 4 secure erase process?


------------------------------------------------------------------------------------------------------------

Below is a copy of all of the information displayed in the active Terminal window:

------------------------------------------------------------------------------------------------------------


Last login: Wed Oct 19 22:47:31 on ttys000

[—————— @ ———— iMac ~ % diskutil secureErase 4/Volumes/Macintosh\ HD]

Usage: diskutil secureErase [freespace] level

MountPoint | DiskIdentifier | DeviceNode

"Securely" (BUT SEE "man diskutil" FOR MODERN LIMITATIONS) erases either a

whole disk or a volume's freespace. Level should be one of the following:

0 — Single-pass zeros.

1 — Single-pass random numbers.

2 — US DoD 7-pass secure erase.

3 — Gutmann algorithm 35-pass secure erase.

4 — US DoE 3-pass secure erase.

Ownership of the affected disk is required.

Note: Level 2, 3, or 4 secure erases can take an extremely long time.

—————— @ ———— iMac ~ % []

Posted on Oct 19, 2022 11:41 PM

43 replies

Oct 22, 2022 1:32 AM in response to SteveHS

... The end goal is to sell my computer


Since I didn't mention it yet, refer to What to do before you sell, give away, or trade in your Mac - Apple Support.


Step 7 redirects to Use Disk Utility to erase an Intel-based Mac - Apple Support.


If that version of Disk Utility does not offer the "secure erase" option you seek, How to reinstall macOS - Apple Support contains these additional instructions under Other macOS installation options:


  • On an Intel-based Mac, you can use Shift-Option-Command-R during startup to be offered the macOS that came with your Mac, or the closest version still available.


That version of Disk Utility may contain the "secure erase" option. Which, as I wrote, is not required if you encrypted the startup disk.

Oct 24, 2022 1:05 AM in response to SteveHS

These are the results from the (2) recently suggested parameters spacing (in recovery mode):


[-bash-3.2# diskutil secureErase 4 /Volumes/Macintosh\HD

Could not find the disk /Volumes/MacintoshHD

[-bash-3.2# diskutil secureErase 4 "/Volumes/Macintosh HD"

A whole disk must be specified when doing secureErase without the

"freespace" option; if you need to wipe a single partition, you must

use diskutil zeroDisk or diskutil randomDisk but you will subsequently

need to reformat (newfs) the partition with "diskutil eraseVolume"

[-bash-3.2#

Oct 23, 2022 11:26 AM in response to SteveHS

It seems you have a mission to figure out how to use the command line to get the result you want since you don't seem to want to use @John Galt's excellent suggestion. This is perfectly fine as I too like to experiment just to prove that something can be done even if there are other alternatives, but keep in mind not very many people are familiar with the macOS command line utilities especially with some of their lesser used options like the multi-pass secure erase.


The bootable Knoppix USB stick may also have a utility available to allow such secure erase like you want through a GUI interface, although I don't recall which app it is since Knoppix includes hundreds of apps by default.


Another option would be DBAN, but it can only be booted from a CD on a Mac since it doesn't support UEFI booting from USB. It seems someone took the open source erase utility utilized by DBAN and created ShredOS which does support booting to UEFI systems like a Mac from a USB stick. You will need to use the .img version since the .iso version currently does not support UEFI booting. Use the downloaded ShredOS .img file as a source for Etcher (Mac/Windows/Linux) in order to create a bootable ShredOS USB stick. Then Option Boot the USB stick and select the orange icon labeled "EFI".


I'm just providing these options in case someone else wants to perform a multi-pass secure erase of their hard drive (never use these options for an SSD as SSDs don't work the same way as hard drives and as it will also just wear out the SSD prematurely) and may not want to use the command line.

Oct 23, 2022 6:58 PM in response to SteveHS

With solid state storage, a "secure erase" is a superfluous exercise that will accomplish exactly nothing other than to cause premature failure due to finite memory erase / write cycle limits inherent in nonvolatile memory. That is the reason Disk Utility only offers to write zeroes.


Excerpted from Erase and reformat a storage device in Disk Utility on Mac - Apple Support:


Note: With a solid-state drive (SSD), secure erase options are not available in Disk Utility. For more security, consider turning on FileVault encryption when you start using your SSD drive.


Why they are not available: Justification for "securely" erasing magnetic media is to accomplish a sufficient number of erase / write cycles as to diminish the likelihood of extracting data using magnetic force microscopy or whatever technology may supplant it. Such techniques are used by organizations with the motivation to spend essentially unlimited amounts of both time and money.


Solid state storage is not magnetic, so those techniques are not applicable to it. Just erase it and you're done.


It may interest you to know the US NSA does not even consider the traditional "secure erase" acceptable. Excerpted from their FAQ:


Do I have to destroy my storage device? Can't I reuse it?

Unfortunately, you do have to destroy your drives. CSDSR has not approved any software erasure methods. Physical destruction is the only secure way to ensure your data is gone.


... and,


I degaussed my hard drive, do I still need to destroy it? 

Yes, physically destroying a hard drive is an additional level of security and helps ensure that this drive is not accidentally mistaken for a working drive. Note: Destruction does not replace degaussing. You MUST degauss your hard drive.


So even I learned something. You have to degauss and destroy the drive 😆 Heaven forbid someone glues all the destroyed shrapnel together and subjects the wreckage to magnetic force microscopy. Your tax dollars at work!

Oct 23, 2022 7:11 PM in response to SteveHS

SteveHS wrote:

Yes, that's exactly what I'm saying.
It's a Samsung 860 QVO Solid State Drive 2 TB - SATA 6 GB/s.
It was purchased and installed by a local authorized Apple technician in January of 2020.


Okay, the pattern overwrite arose in the era before embedded servo tracking in hard disks (~1990), with floppy disks, and way, way, way before SSDs became endemic. Old HDDs were, well, sloppy about tracking. That’s no longer the case. And SSDs have no means of overwrite, as they continuously re-vector storage on each write for performance and wear leveling reasons. Each write to the same sector goes to different storage. SSDs also necessarily erase sectors before any re-use. Further, the default on macOS is to use disk encryption, which means the keys are needed to access any data that isn’t otherwise clobbered.


Which in aggregate means an overwrite clears all data, and means the data is already unreadable.


If the SSD itself supports ATA SECURITY ERASE UNIT command, things get easier.


Based on the specs, it appears this SSD device does support the ATA SECURITY ERASE UNIT command, and there is Windows software available to trigger it.


Bootable Linux is another path to trigger: https://ata.wiki.kernel.org/index.php/ATA_Secure_Erase


Here’s a write-up on using a rescue CD and ATA SECURITY ERASE UNIT that I’d try: https://www.uvm.edu/it/kb/article/secure-erase/


Starting on Monterey with a T2 Mac, use the Secure Erase mechanism: Erase all content and settings on Mac - Apple Support


Per US NIST SP 800-88 (and which is new enough to cover SSDs), ATA SECURITY ERASE UNIT is sufficient: https://nvlpubs.nist.gov/nistpubs/SpecialPublications/NIST.SP.800-88r1.pdf#page55

Oct 23, 2022 7:15 PM in response to HWTech

HWTech wrote:
Also, I'm a bit curious about why you did not have Filevault enabled on this system if data security is so important now when preparing the computer for sale?


This very good question was discussed / beaten to death a while ago: Secure Empty Trash missing on El Capitan - Apple Community.


People were shocked, amazed, distressed and dismayed that Apple so callously removed a feature that had always been little more than a placebo.


Data does not suddenly become sensitive the moment you decide to destroy it, it's sensitive from the moment it is created, before multiple redundant copies become created on local storage, and perhaps distributed to servers all over the world.

Oct 23, 2022 6:56 PM in response to SteveHS

SteveHS wrote:

Yes, that's exactly what I'm saying.
It's a Samsung 860 QVO Solid State Drive 2 TB - SATA 6 GB/s.
It was purchased and installed by a local authorized Apple technician in January of 2020.

Then all you need to do is just perform a simple erase using Disk Utility using the GUI app. When macOS "erases" an SSD, all the blocks get marked as unused during the process which makes the SSD erase them automatically. You can confirm the data on the SSD is gone by using the macOS command line utility "xxd" which can give a hexdump of the raw drive. Keep in mind there will be a small amount of data on the erased SSD at the very beginning of the drive since macOS always insists on having a partition table and file system on erased drives. But once you get past the very beginning of the drive, the data should appear as all zeroes (or whatever the default byte code is for Apple -- it will appear as a bunch of periods on the human readable text part of the hexdump screen). Replace the "X" in "diskX" with the correct drive identifier for the drive you are attempting to read. You may also need to first unmount the drive (not sure). And I mean "unmount" and not eject, and it may require use of the command line.

xxd  /dev/diskX


The ATA Secure Erase link I provided earlier is another very easy method of quickly erasing the entire SSD using the SSD's built-in hardware secure erase feature, although it usually requires using a Linux boot disk and utility. Some SSD manufacturers provide a proprietary app to access the SSD's built-in hardware secure erase feature, but of course you cannot run it for the same drive you are booted from. Most of this proprietary software is made for Windows only, although I believe Samsung provides a Mac version of their Magician software. Once initiated, the process usually completes in less than a minute, but it does depend on the size of the SSD. This feature is an acceptable option for securely erasing a drive according to the NIST documentation.

https://nvlpubs.nist.gov/nistpubs/specialpublications/nist.sp.800-88r1.pdf


This is the best anyone can do to securely erase an SSD due to how SSDs work. The only other option is to destroy each of the NAND memory chips on the SSD. Seems like a waste to destroy a perfectly good SSD though when it would require expensive equipment and specialized knowledge to attempt to recover any data from an SSD just on the off chance an erased SSD could possibly contain any data.


Regarding the ATA Secure Erase:

  • Make sure to use a simple easily remembered password with no spaces or special characters. If the erase fails, then you will need to attempt another erase, or you will need to unlock the SSD with that password to be able to use the SSD normally. If you forget the password, then the SSD becomes a brick (after all the password is technically a security feature).
  • Do not use the "Enhanced Erase" on an Apple SSD. There is a chance it could brick the SSD (personal experience -- may have been a bad SSD, or perhaps a bug in the particular SSD). I've never had a problem using the basic/normal secure erase on any SSD which supports a built-in hardware secure erase, even Apple SSDs.


Also, I'm a bit curious about why you did not have Filevault enabled on this system if data security is so important now when preparing the computer for sale? If the computer was stolen, then the data would have been easily accessed by the thief or later owner. FYI, a user account password does not prevent someone with physical access to the computer or the drive from accessing data anywhere on the drive (at least for an unencrypted computer without a T2 security chip). Same goes for any backups of that computer. Filevault does not really significantly impact performance even when using a slow spinning hard drive at least once the initial encryption process has finished.
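
Added example, not part of HWTech's post: a read-only spot check in the spirit of the xxd suggestion above, sampling evenly spaced 1 MiB blocks past the start of the drive and reporting any that are not all zeroes. The function name, the default 1 MiB skip and the sample count are assumptions, and the caller has to supply the drive size in MiB.

```shell
#!/bin/sh
# Added example (not from the thread): spot-check that an erased drive reads
# back as zeroes past the leading partition table / file system area.
# Reads only; never writes to the target.
#
# sample_nonzero TARGET TOTAL_MIB [SKIP_MIB] [SAMPLES]
#   TARGET     raw device node or an image file
#   TOTAL_MIB  size of TARGET in MiB
#   SKIP_MIB   leading MiB to ignore (default 1, an assumption; raise it if
#              the freshly created file system occupies more)
#   SAMPLES    number of evenly spaced 1 MiB blocks to read (default 64)
# Prints the MiB offset of each sampled block holding a non-zero byte.
# Status: 0 = all sampled blocks zero, 1 = data found, 2 = could not check.
# The body runs in a subshell, so its variables stay local and "exit" only
# ends the function.
sample_nonzero() (
    target=$1; total=$2; skip=${3:-1}; samples=${4:-64}
    [ -r "$target" ] || { echo "cannot read $target" >&2; exit 2; }
    span=$(( total - skip ))
    [ "$span" -gt 0 ] || { echo "nothing to sample" >&2; exit 2; }
    [ "$samples" -le "$span" ] || samples=$span
    step=$(( span / samples )); i=0; dirty=0
    while [ "$i" -lt "$samples" ]; do
        off=$(( skip + i * step ))
        # Delete NUL bytes and count what is left: 0 means an all-zero block.
        count=$(dd if="$target" bs=1048576 skip="$off" count=1 2>/dev/null |
                LC_ALL=C tr -d '\000' | wc -c | tr -d ' ')
        if [ "$count" -gt 0 ]; then
            echo "non-zero data at MiB offset $off ($count bytes)"
            dirty=$(( dirty + 1 ))
        fi
        i=$(( i + 1 ))
    done
    echo "$dirty of $samples sampled blocks contain data"
    [ "$dirty" -eq 0 ]
)

# When run as a script with arguments, perform the check directly.
if [ "$#" -ge 2 ]; then sample_nonzero "$@"; fi
```

On a real drive the target would be the raw device node, read as root with the volume unmounted. Zeroes read back this way show what the SSD returns for its logical blocks, not what may still sit in NAND awaiting garbage collection, which is why the thread points to ATA Secure Erase and encryption for stronger assurance.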

Oct 24, 2022 4:01 AM in response to SteveHS

When I attempted to duplicate what you're doing I ran into the same problem. The solution was to use eraseVolume as that description indicated:


diskutil eraseVolume APFS test /Volumes/Macintosh\ HD


... in which test is the name of the newly erased volume. That worked.


  • Edit to add: zeroDisk or randomDisk will probably work too, followed by eraseVolume. I didn't try either one. I don't want to prematurely wear out my Mac's expensive storage.


As you are now aware merely erasing flash memory is sufficient. I suspect your attempts to use secureErase are failing due to the fact it should not be used with SSDs.


May I assume you are frustrated at the inability to do something on macOS that you were easily able to accomplish with Microsoft Windows? If so bear in mind Windows has to be written for generic hardware over which Microsoft has no control. A "secure erase" is exactly as worthless and potentially damaging for Windows PCs that use flash memory, but Microsoft has no way to anticipate what hardware will be used for Windows. If a user wants to "secure erase" a PC so equipped, Windows indulges the hapless user. Microsoft won't care if you ruin a PC by doing that, and all the PC manufacturer will say is that the user did something dumb and they're not responsible either.


On the other hand Apple bears sole responsibility for the whole product — hardware and software — and goes through Herculean efforts to protect users from themselves.
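
Added example, not from any poster in this thread: a preflight that reads the text printed by `diskutil info` for a volume and reports the whole disk that secureErase insists on, plus whether overwrite passes make sense given the "Solid State" field. The function name and advice strings are hypothetical, the sample output is constructed, and deriving the physical disk from the "APFS Physical Store" line is an assumption based on the usual diskNsM naming.

```shell
#!/bin/sh
# Added example: read `diskutil info <volume>` text on stdin and print
# "<whole disk> <advice>". The advice strings are hypothetical labels:
#   overwrite-ok     spinning disk, multi-pass secureErase is meaningful
#   ssd-plain-erase  solid state, use a plain erase or ATA Secure Erase
#   unknown-media    media type not reported, do not assume either way
erase_plan() {
    awk -F': *' '
        { sub(/^[ \t]+/, "", $1); sub(/[ \t\r]+$/, "", $2) }
        $1 == "Part of Whole"       { whole = $2 }
        $1 == "Solid State"         { ssd = $2 }
        $1 == "APFS Physical Store" { store = $2 }
        END {
            # An APFS volume lives on a synthesized disk; take the physical
            # disk from the store identifier minus its slice suffix
            # (disk0s2 -> disk0). This derivation is an assumption.
            if (store != "") { sub(/s[0-9]+$/, "", store); whole = store }
            if (whole == "") { print "unknown no-whole-disk"; exit 1 }
            advice = (ssd == "No") ? "overwrite-ok" : ((ssd == "Yes") ? "ssd-plain-erase" : "unknown-media")
            print whole, advice
        }'
}

# Constructed sample of the relevant `diskutil info` lines for an APFS
# volume on an SSD (not captured from the poster's machine).
SAMPLE_INFO='   Device Identifier:         disk1s1
   Volume Name:               Macintosh HD
   Part of Whole:             disk1
   APFS Physical Store:       disk0s2
   Solid State:               Yes'

# On the Mac itself the input would come from:
#   diskutil info "/Volumes/Macintosh HD" | erase_plan
printf '%s\n' "$SAMPLE_INFO" | erase_plan
```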

Oct 23, 2022 10:10 AM in response to SteveHS

If you boot that Mac's Internet version of Recovery using the appropriate key chord, you will be able to use its version of Disk Utility to perform the "secure erase" you desire:



It performs the exact same action as diskutil secureErase 4


The "Most Secure" option:



... could take a month to finish, so you may want to use an uninterruptible power supply and a gas / diesel generator. If the iMac's power were to be suddenly interrupted during that period of time I don't know what would happen. The drive could be rendered permanently inoperable. Perhaps that would be "mission accomplished" 😆

Oct 21, 2022 11:14 AM in response to John Galt

Thank you for providing an alternative solution, John. Greatly appreciated.


However, since I've accomplished a level 4 Secure Erase equivalent on the Windows OS (many times in the past) with no problems whatsoever, I'm still focused on being able to accomplish this process on the Mac operating system.


I've had numerous phone conversations with Apple technical support team members.

The consistent response is "Apple does not provide support for Terminal".


I'm confident that it IS possible to perform a level 4 secure erase successfully on the MacOS.


In the meantime, I'll leave this post open (considering it unresolved as of this date) and continue my online research.


Thank you again to those who've responded to my post.

Oct 21, 2022 11:58 AM in response to John Galt

I agree with your assertion that high-level secure disk erasures require substantially longer processing times. My Windows OS secure erases were typically accomplished within a 24-hour timeframe. Since I have a few other computer systems available, the time it takes to do this task on my old Mac system is not an issue.
