access just doesn’t work.
2. You are locked out from your server.
This could happen, for instance, if you
colocate your server in a data center
but stop paying your bills or somehow
have a falling out with the provider.
They revoke your physical access to
your server, but you need to remove all
the sensitive files while the machine is
still available over the network.
3. You have a bad consulting client.
Perhaps you are a responsible and
talented sysadmin who sets up a
server for a client in good faith only
to have that client refuse to pay you
once the server is on-line. You want
to remove your work securely, the
client won’t return your calls, yet you
still have SSH access to the machine.
4. You bought a cloud server with inadequate tools. It is very popular these
days to host your server environment
in the cloud; however, one downside
is that many cloud providers cut costs
by giving you limited access to management of your cloud instance. Do
you really trust that when you terminate a server instance it is securely
erased? Do you get access to tools
that would let you boot a rescue
disk on your cloud instance? In
some cases, about the only remote
HACK AND /
management you have for a cloud
server might be your SSH connection.
5. You are an evil, malicious hacker who
wants to cover his tracks. Yes, this is
the least legitimate and most shady
reason to wipe a server remotely, but
I figured I should mention it in the
interest of completeness.
6. It’s a challenge. Some people climb
mountains, others run marathons,
still others try to wipe servers
remotely over SSH. You could just
be a person who likes to push
things to the limit, and this sounds
like an interesting challenge.
How Would You Ever Do This?
Now that you have worked through the
reasons you might need to know how to
wipe a server remotely, let’s talk about
how you actually would do it. First, and
most important, there are no redos!
When you write random bits to a raw
disk device, especially over SSH, you have
only one shot to get it right. When I was
preparing this process, I tested my procedure multiple times on virtual machines to
make sure my steps were sound. I’m glad
I did, as it took a few times to get all the
steps right, confirm my assumptions and
get the commands in the correct order.
What makes this challenge tricky is the
fact that you will write randomly over
WWW.LINUXJOURNAL.COM SEPTEMBER 2011 | 45