[gentoo-user] OT: blanking disk of linux appliance

[gentoo-user] OT: blanking disk of linux appliance

[Adam Carter]

[-- Attachment #1: Type: text/plain, Size: 835 bytes --]

shred and dd available, but not srm etc

I want to remove the user account info before the device is returned, but
dont want to cripple the device. Filesystem is ext3 with default mount
options, which implies its mounted with the default data=ordered, and
according to the docs "In both the data=ordered (default) and
data=writeback modes, shred works as usual"

Would these steps be effective?
- set root pw back to installation default
- manually create copies of passwd and shadow (named passwd2 shadow2, NOT
by copying files then deleting extra lines) containing only the default
installation entries
- shred /etc/passwd /etc/shadow
- mv passwd2 and shadow2 to passwd and shadow
- dd if=/dev/zero of=/blah (to blank all spare blocks on fs, dd will bail
out once full. Will it miss info from non-fully allocated blocks?)
- rm /blah

[-- Attachment #2: Type: text/html, Size: 929 bytes --]

Re: [gentoo-user] OT: blanking disk of linux appliance

[Mick]

[-- Attachment #1: Type: Text/Plain, Size: 1116 bytes --]

On Monday 14 Jan 2013 02:11:32 Adam Carter wrote:
> shred and dd available, but not srm etc
> 
> I want to remove the user account info before the device is returned, but
> dont want to cripple the device. Filesystem is ext3 with default mount
> options, which implies its mounted with the default data=ordered, and
> according to the docs "In both the data=ordered (default) and
> data=writeback modes, shred works as usual"
> 
> Would these steps be effective?
> - set root pw back to installation default
> - manually create copies of passwd and shadow (named passwd2 shadow2, NOT
> by copying files then deleting extra lines) containing only the default
> installation entries
> - shred /etc/passwd /etc/shadow
> - mv passwd2 and shadow2 to passwd and shadow
> - dd if=/dev/zero of=/blah (to blank all spare blocks on fs, dd will bail
> out once full. Will it miss info from non-fully allocated blocks?)
> - rm /blah

Sounds good, but you would also need to shred -z -u /home/user files just in 
case some private files are still in there?  Also, where is mail stored?
-- 
Regards,
Mick

[-- Attachment #2: This is a digitally signed message part. --]
[-- Type: application/pgp-signature, Size: 198 bytes --]

Re: [gentoo-user] OT: blanking disk of linux appliance

[Florian Philipp]

[-- Attachment #1: Type: text/plain, Size: 1403 bytes --]

Am 14.01.2013 03:11, schrieb Adam Carter:
> shred and dd available, but not srm etc
> 
> I want to remove the user account info before the device is returned,
> but dont want to cripple the device. Filesystem is ext3 with default
> mount options, which implies its mounted with the default data=ordered,
> and according to the docs "In both the data=ordered (default) and
> data=writeback modes, shred works as usual"
> 
> Would these steps be effective?
> - set root pw back to installation default
> - manually create copies of passwd and shadow (named passwd2 shadow2,
> NOT by copying files then deleting extra lines) containing only the
> default installation entries
> - shred /etc/passwd /etc/shadow

Don't forget the backup files created by some tools. For example
"/etc/passwd-"

> - mv passwd2 and shadow2 to passwd and shadow
> - dd if=/dev/zero of=/blah (to blank all spare blocks on fs, dd will
> bail out once full. Will it miss info from non-fully allocated blocks?)

Don't forget to do this as root to get the last 5%.

If you want to be sure, you can try several overwrite cycles, for
example with binary ones. The easiest way I know to generate such a
sequence is `tr '\000' '\377' < /dev/zero | dd of=...`. Or you can just
allocate /blah and then `shred` it.

> - rm /blah

If you have swap, you should clear that, too.

Regards,
Florian Philipp


[-- Attachment #2: OpenPGP digital signature --]
[-- Type: application/pgp-signature, Size: 262 bytes --]

Re: [gentoo-user] OT: blanking disk of linux appliance

[Stroller]

On 14 January 2013, at 02:11, Adam Carter wrote:

> shred and dd available, but not srm etc
> 
> I want to remove the user account info before the device is returned, but dont want to cripple the device. Filesystem is ext3 with default mount options, …

What kind of device is it?

I would have thought that a "device" would have a factory reset button, or that all configuration would be wiped upon uploading a new firmware.

You say that you're "returning" the system - if it's a PC-based system that you have been renting from someone else, then surely they have security obligations.

IMO the correct way to handle secure erasure of a system with a hard-drive is to wipe the whole thing before restoring the default system image.

Stroller.