asked on

how to wipe a running ubuntu server

Have a weird situation. Have some servers that are deployed that have sensitive (I.P.) data on them, as well as vpn keyfiles. I do not have physical access to them, but I do have root login over ssh. Is there a way to shred or wipe the mounted filesystems while the box is running? Would shred blow up partway through and cause the filesystem to be recoverable?
They are running various versions of Ubuntu server 10.04 and up.

Please, no lectures on proper security protocols, etc. Hindsight is 20/20 and new servers are properly secured. However, we need a way to handle this situation, in the event of a compromise, until we can get these old servers replaced.

ASKER CERTIFIED SOLUTION

Papertrip

membership

This solution is only available to members.

To access this solution, you must be a member of Experts Exchange.

Start Free Trial

Papertrip

I was curious what package installed it on my minimal-install CentOS 6 server. If you were concerned about the validity of this tool, as I was at first, you should feel a lot better now knowing that it is a part of coreutils. I do at least.

[root@broken ~]# yum provides */shred
<snip>
coreutils-8.4-9.el6.x86_64 : A set of basic GNU tools commonly used in shell scripts
Repo        : base
Matched from:
Filename    : /usr/bin/shred

Open in new window

[root@broken ~]# yum info coreutils
<snip>
URL        : http://www.gnu.org/software/coreutils/
Description: These are the GNU core utilities.  This package is the combination of
           : the old GNU fileutils, sh-utils, and textutils packages.

Open in new window

SOLUTION

rindi

membership

This solution is only available to members.

To access this solution, you must be a member of Experts Exchange.

Start Free Trial

Digital_Skream

ASKER

So, I first downloaded secure-delete and used srm to remove Ip containing files and sensitive data. Then i wiped the free space and swap. Finally, i used DD to render the whole mess unusable. Figure its the best I could do at this point.