remove all
 

Hi,

I have a ssh access to a machine. I'd like to securely delete everything (system included) from the disk, and then shut this machine down. How could I achieve this ?

Thanks

Deleting a running system securely is not as easy as it sounds, remotely or otherwise. If you just rm all the files, sooner or later you'll remove an executable or script needed to shut the system down.

The best way I can think of is to create a custom initrd that overwrites all partitions with zeroes or random data and then shuts the system off. You could then simply add that initrd to the boot loader and reboot.

simply delete all the parations using fdisk command....specially the partation mounted on / then shutdown the sytem...... it will never reboot untill fresh installation.

But if you just recreate the partition table with fdisk, the file systems and data will all be there. That doesn't really qualify as "securely deleted".

Ser Olmy, could you please give more details as to how to create that custom initrd, and how to add it to the boot loader ?

First you'll need to create a regular initrd. If you don't know exactly what that is or how it's created, check the documentation for your distribution (then ask here if something's still not entirely clear).

When you have the initrd, you will need to make the following modifications:

• add any utilities you need to perform the system erase, like dd, shutdown etc.
• modify the startup script to run the erase commands instead of actually booting the system

Once this is done, the configuration file of the bootloader (grub or lilo) must be modified to use this initrd. In the case of lilo, the lilo command must be run to update the boot sector.

I would recommend testing this on a virtual machine before deploying, to make sure the target system gets properly erased. Just remember to take a snapshot of the VM before reconfiguring the bootloader; that way you can simply roll back the changes should somthing go wrong.

Is it OK to leave just /bin and /sbin behind? As long as you've got rm, dd and shutdown/poweroff you ought to be able to do this.

(rm every regular file not required to complete the rest of this procedure; dd if=/dev/zero to fill up the drive - on every partition if there is more than one; then poweroff --force. This would need testing on a vm as I suspect some of these commands may result in others being called.)

Why do you need to do this? How securely?

Ser Omly , if i m not wrong , then after deleting the partition mounted on / for example (/dev/sda1), grub is unable to find the kernel to boot from..... and also if u delete the partition mounted on /home then users personal data is also removed....after the naxt reboot ... grub shell will open up and system won't boot normally ..... i tried it many times on my college pc's...

In your example, all you're doing is preventing booting from /dev/sda1, and even then only temporarily. If you boot from a different device like a USB stick, then use a program to scan /dev/sda1 for possible partitions, you could rebuild the sda1 partition table.

Ser Olmy is right, just deleting the partition table doesn't qualify as secure.