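#!/bin/sh
# Gutmann-style 35-pass overwrite of a raw disk device.
#
# This method is based on the information provided by Peter Gutmann from the
# Sixth (6th) Annual USENIX Security Symposium in a paper entitled:
# "Secure Deletion of Data from Magnetic and Solid-State Memory"
#
# Securely overwrite regular disks
# Partitions are overwritten 35 times; rounds 1-4 use /dev/arandom, rounds
# 5-31 use Gutmann's deterministic patterns, and rounds 32-35 use
# /dev/arandom.
#
# Usage: <script> rawdiskdevtowipe      (e.g. /dev/rwd0c, absolute path)
#
# Requirements: /bin/sh must be ksh-compatible (set -A arrays, typeset -i8,
# the `time` keyword, and an echo builtin that expands \0NNN octal escapes),
# and dd must accept BSD size suffixes (bs=1m).
#
# Limitations a user should know before relying on this for sanitization:
#  - The deterministic patterns target the MFM/RLL encodings of older
#    drives; on later drives they add little over the random passes.
#  - Writing through the device node only reaches sectors that are
#    currently addressable. Sectors the drive has remapped, and spare or
#    over-provisioned flash on SSDs, are never touched. For those, use the
#    drive's own sanitize/secure-erase command, or encrypt the disk and
#    destroy the key.
#  - parsedd shows only dd's "transferred" summary, so a write error looks
#    the same as a completed pass. NOTE(review): confirm pass sizes match
#    the device size before trusting the result.

# Print usage to stderr and exit non-zero (a missing argument is an error).
usage() {
	echo "$0 rawdiskdevtowipe" >&2
	echo "example: $0 /dev/rwd0c" >&2
	exit 1
}

# Filter dd's stderr/stdout down to the "N bytes transferred ..." summary.
parsedd() {
	while read -r line; do
		case "$line" in
		*transferred*) echo "$line" ;;
		esac
	done
}

# Four consecutive passes of random data over $disk; advances global $pass.
# dd is expected to stop with an end-of-device error, so its status is not
# checked.
random_rounds() {
	count=0
	while [ "$count" -lt 4 ]; do
		pass=$((pass+1))
		echo "Pass $pass: /dev/arandom"
		time dd if=/dev/arandom of="$disk" bs=1m 2>&1 | parsedd
		count=$((count+1))
	done
}

if ! [ "$1" ]; then
	usage
fi

if ! [ -c /dev/arandom ]; then
	# Try to create the node; run in a subshell so a failed cd cannot make
	# MAKEDEV run from the wrong directory.
	( cd /dev && sh ./MAKEDEV random )
	if ! [ -c /dev/arandom ]; then
		echo "/dev/arandom does not exist and cannot make it, bailing!" >&2
		exit 1
	fi
fi

disk="$1"

# Gutmann passes 5-31, three bytes per pass.
set -A gpat \
	55 55 55 \
	aa aa aa \
	92 49 24 \
	49 24 92 \
	24 92 49 \
	00 00 00 \
	11 11 11 \
	22 22 22 \
	33 33 33 \
	44 44 44 \
	55 55 55 \
	66 66 66 \
	77 77 77 \
	88 88 88 \
	99 99 99 \
	aa aa aa \
	bb bb bb \
	cc cc cc \
	dd dd dd \
	ee ee ee \
	ff ff ff \
	92 49 24 \
	49 24 92 \
	24 92 49 \
	6d b6 db \
	b6 db 6d \
	db 6d b6

# Base-8 integers: their expansion is "8#NNN", which is turned into the
# \0NNN escapes that echo needs to emit the raw pattern bytes.
typeset -i8 o1 o2 o3

# Flag files below are created in /tmp; keep them private to this user.
umask 077
cd /tmp || exit 1

# Checked after the cd so the test sees exactly the path dd will open.
# Without this, a mistyped name makes dd create and fill a regular file.
if ! [ -c "$disk" ] && ! [ -b "$disk" ]; then
	echo "$disk is not a character or block device, bailing!" >&2
	exit 1
fi

pass=0
random_rounds

g=0
while [ "${gpat[$g]}" ]; do
	g1=$g
	g2=$((g+1))
	g3=$((g+2))
	g=$((g+3))
	pass=$((pass+1))

	# NUL bytes cannot be held in a shell variable; use /dev/zero instead.
	if [ "${gpat[$g1]}" = "00" ]; then
		echo "Pass $pass: /dev/zero"
		time dd if=/dev/zero of="$disk" bs=1m 2>&1 | parsedd
		continue
	fi

	# yes, should use mktemp, but not present on ramdisks.
	# The name is guessable, so create the flag file with noclobber: the
	# redirection then refuses to reuse a regular file (or a symlink to
	# one) that someone planted between the rm and the create. This
	# narrows the race rather than removing it; mktemp remains the proper
	# fix where available.
	runfile=/tmp/continue.$$.$RANDOM.$RANDOM
	rm -f "$runfile"
	if ! ( set -o noclobber; : > "$runfile" ) 2>/dev/null; then
		echo "cannot create $runfile, bailing!" >&2
		exit 1
	fi

	echo -n "Pass $pass: 0x${gpat[$g1]}${gpat[$g2]}${gpat[$g3]}"

	(
		o1=$((16#${gpat[$g1]}))
		o2=$((16#${gpat[$g2]}))
		o3=$((16#${gpat[$g3]}))
		# Three raw pattern bytes, built via echo's \0NNN octal escapes.
		s="$(echo -n "\\0${o1#*#}\\0${o2#*#}\\0${o3#*#}")"

		# Progress output must go to stderr: stdout of this subshell is
		# the pipe into dd, so anything printed there lands on the disk.
		echo -n "(" >&2
		count=0
		while [ "$count" -lt 16 ]; do
			echo -n "." >&2
			s="$s$s"
			count=$((count+1))
		done
		echo " ${#s} byte buffer)" >&2

		# Stream the buffer until the consumer removes the flag file.
		while [ -f "$runfile" ]; do
			echo -n "$s"
		done
	) | {
		time dd of="$disk" ibs=3m obs=1m 2>&1 | parsedd
		rm -f "$runfile"
	}
done

random_rounds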