remove all
Hi,
I have a ssh access to a machine. I'd like to securely delete everything (system included) from the disk, and then shut this machine down. How could I achieve this ? Thanks |
Deleting a running system securely is not as easy as it sounds, remotely or otherwise. If you just rm all the files, sooner or later you'll remove an executable or script needed to shut the system down.
The best way I can think of is to create a custom initrd that overwrites all partitions with zeroes or random data and then shuts the system off. You could then simply add that initrd to the boot loader and reboot. |
simply delete all the parations using fdisk command....specially the partation mounted on / then shutdown the sytem...... it will never reboot untill fresh installation.
|
Quote:
|
Ser Olmy, could you please give more details as to how to create that custom initrd, and how to add it to the boot loader ?
|
First you'll need to create a regular initrd. If you don't know exactly what that is or how it's created, check the documentation for your distribution (then ask here if something's still not entirely clear).
When you have the initrd, you will need to make the following modifications:
I would recommend testing this on a virtual machine before deploying, to make sure the target system gets properly erased. Just remember to take a snapshot of the VM before reconfiguring the bootloader; that way you can simply roll back the changes should somthing go wrong. |
Is it OK to leave just /bin and /sbin behind? As long as you've got rm, dd and shutdown/poweroff you ought to be able to do this.
(rm every regular file not required to complete the rest of this procedure; dd if=/dev/zero to fill up the drive - on every partition if there is more than one; then poweroff --force. This would need testing on a vm as I suspect some of these commands may result in others being called.) Why do you need to do this? How securely? |
Ser Omly , if i m not wrong , then after deleting the partition mounted on / for example (/dev/sda1), grub is unable to find the kernel to boot from..... and also if u delete the partition mounted on /home then users personal data is also removed....after the naxt reboot ... grub shell will open up and system won't boot normally ..... i tried it many times on my college pc's...
|
Quote:
Ser Olmy is right, just deleting the partition table doesn't qualify as secure. |
All times are GMT -5. The time now is 08:18 AM. |