Any way to completely remove sensitive content from the HDD before returning CentOS dedicated servers?

Question

We are going to return a few rented CentOS dedicated servers and I was wondering about any way to remove sensitive content (a few folders) from the HDD before returning these servers?

Maybe some Linux alternative to "Eraser"? If so, what are those alternatives?

Thank you in advance

Rilindo · Answer 1 · 2011-11-29T04:49:26.490

3

If we are talking about specific partitions, you can run the following remotely:

dd if=/dev/zero of=/dev/hdxX (or sdx in some cases).

You can also use this command

shred -vfz -n 1 /dev/hdxX

If you have physical access, you can run the above commands on the entire drive if desired or use this:

http://www.dban.org/

edited Nov 29 '11 at 04:49

answered Nov 29 '11 at 02:44

Rilindo

5,058
5
26
46

Not sure if I can use any of those solutions since I do only have remote ssh access – Zillo Nov 29 '11 at 03:06
I highly recommend reading http://www.cs.auckland.ac.nz/~pgut001/pubs/secure_del.html#Epilogue to see what 35-pass overwrite really means, and why it's unneeded. – Andrew Nov 29 '11 at 03:11
you dont need a rescue disk to run those commands. You can run them from the existing install perfectly fine. – phemmer Nov 29 '11 at 03:18
Point taken. Updating answer. – Rilindo Nov 29 '11 at 03:20
`-n 100`?! That would take days. – David Schwartz Nov 29 '11 at 04:47
*updates shred command. I should mention that I plugged that in before I realize that he doesn't have physical access. – Rilindo Nov 29 '11 at 04:50

score 1 · Answer 2 · answered Nov 29 '11 at 02:56

1

Use shred on the sensitive files concerned.

You should also ask the hosting company what are its procedures for wiping servers and wiping backups.

answered Nov 29 '11 at 02:56

ramruma

2,730
1
14
8

Once I use shred on the sensitive folders (through ssh), any tip on how to proceed next? Maybe some final command that will also cause the ssh to disconnect. – Zillo Nov 29 '11 at 03:08
Looks like shred is not effective on Ext3 partitions – Zillo Nov 29 '11 at 03:18
+1 Ask the Hosting Company (**really** should have asked **before** you put sensitive information on another person's hardware). You could easily be in violation of privacy laws depending on what kind of information and agreements you have in place. Regardless of what you do at this point, they might have backups, which they may be entitled to keep indefinitely; again it depends on your agreements with them. – Chris S Nov 29 '11 at 03:19
Regarding shred it seems that convert to ext2 can be a solution before using shred. Chris S I am aware of that and the hosting company can do the work but I prefer to return the servers the more secured-erased as possible (just in case) – Zillo Nov 29 '11 at 03:28
Do not simply use shred to remove sensitive files on a filesystem where secure deletion hasn't been used religiously in the past. Sensitive data may still lurk in areas on disk marked as "unused". Just wipe the whole partition and be done with it. – Per von Zweigbergk Nov 29 '11 at 03:48
You could use a tool like zerofree http://packages.debian.org/search?keywords=zerofree to zero out any 'empty' blocks. Assume a reboot+dban isn't possible. – Zoredache Nov 29 '11 at 04:50
ext3 is not a problem for shred unless you have changed to data=journal mode: see man page. – ramruma Nov 29 '11 at 08:19
You can use shred on a whole partition (or filesystem). – ramruma Nov 29 '11 at 08:22
Use nohup so that when you disconnect your ssh session, shred continues. – ramruma Nov 29 '11 at 08:23

Any way to completely remove sensitive content from the HDD before returning CentOS dedicated servers?

2 Answers2