Complete Re-Install of Centos7
Complete Re-Install of Centos7
I want to wipe my current install of Centos7 and re-install with the latest version (7.9)
I made the boot USB and went through the re-install process. Work well.
When choosing the drive to install on, I allowed it to reclaim space by selecting 'delete all'.
My question is: Will this process wipe all the previous data from system drive and the related file systems (/boot /boot/efi ...)?
The motivation is to have a clean install after a recent (potential) hacker attack.
thanks!
I made the boot USB and went through the re-install process. Work well.
When choosing the drive to install on, I allowed it to reclaim space by selecting 'delete all'.
My question is: Will this process wipe all the previous data from system drive and the related file systems (/boot /boot/efi ...)?
The motivation is to have a clean install after a recent (potential) hacker attack.
thanks!
Re: Complete Re-Install of Centos7
You should select the option to configure your own partitioning and do not tell it to reclaim space. Once in that dialog you can expand the bottom option in the left hand pane to get a list of the current partitions/LVs and highlight each one in turn, then tell it whether or not to format it, where to mount it etc and then press the update button on the right hand side.
The future appears to be RHEL or Debian. I think I'm going Debian.
Info for USB installs on http://wiki.centos.org/HowTos/InstallFromUSBkey
CentOS 5 and 6 are deadest, do not use them.
Use the FAQ Luke
Info for USB installs on http://wiki.centos.org/HowTos/InstallFromUSBkey
CentOS 5 and 6 are deadest, do not use them.
Use the FAQ Luke
Re: Complete Re-Install of Centos7
I guess it depends on what you mean by "wipe".
On a hard disk, I don't think it first will fill the disk with e.g. zeroes,
and then create partitions and file systems. On a flash disk, a
TRIM command may (or not) be run at some time. To be sure
that everything is overwritten, boot from live media and run this:
dd if=/dev/zero of=/dev/sdX
Edit: Don't think TRIM will wipe the disk. From wikipedia:
"A trim command allows an OS to inform an SSD which blocks of
data are no longer considered in use and can be wiped internally."
On a hard disk, I don't think it first will fill the disk with e.g. zeroes,
and then create partitions and file systems. On a flash disk, a
TRIM command may (or not) be run at some time. To be sure
that everything is overwritten, boot from live media and run this:
dd if=/dev/zero of=/dev/sdX
Edit: Don't think TRIM will wipe the disk. From wikipedia:
"A trim command allows an OS to inform an SSD which blocks of
data are no longer considered in use and can be wiped internally."
Re: Complete Re-Install of Centos7
There are two levels of wiping. If all you are doing is wanting a clean disk for a new install, then just doing a format and reinstall will make any remaining old data inaccessible.
If, however, you are concerned that the disk has sensitive material and may fall into the hands of bad actors then you need to comprehensively destroy the data. If the disk is no longer wanted the easiest think is to sling it in a bonfire, even the NSA can't read melted aluminium but be aware that environmentalists do not approve of this method. If the disk is to be reused but needs a full wipe, then there are several products available that will do a comprehensive job. This involves multiple passes over the disk writing a variety of different patterns to ensure that old copies of the data cannot be read. Just writing zeros will not stop sophisticated recovery techniques. Look for something that advertises a DoD shredding algorithm. There's a list of products at: https://madestuffeasy.com/best-hard-dri ... -software/, no endorsement intended.
If, however, you are concerned that the disk has sensitive material and may fall into the hands of bad actors then you need to comprehensively destroy the data. If the disk is no longer wanted the easiest think is to sling it in a bonfire, even the NSA can't read melted aluminium but be aware that environmentalists do not approve of this method. If the disk is to be reused but needs a full wipe, then there are several products available that will do a comprehensive job. This involves multiple passes over the disk writing a variety of different patterns to ensure that old copies of the data cannot be read. Just writing zeros will not stop sophisticated recovery techniques. Look for something that advertises a DoD shredding algorithm. There's a list of products at: https://madestuffeasy.com/best-hard-dri ... -software/, no endorsement intended.
Re: Complete Re-Install of Centos7
I read the request the other way around. As in the poster wants to reformat the system portions of the existing setup but retain the data s/he might have on the other portions.
The future appears to be RHEL or Debian. I think I'm going Debian.
Info for USB installs on http://wiki.centos.org/HowTos/InstallFromUSBkey
CentOS 5 and 6 are deadest, do not use them.
Use the FAQ Luke
Info for USB installs on http://wiki.centos.org/HowTos/InstallFromUSBkey
CentOS 5 and 6 are deadest, do not use them.
Use the FAQ Luke
Re: Complete Re-Install of Centos7
The disk in question is committed for the system (/boot, /boot/efi, etc); important data sits on other disks.
So, completely totally 'wiping' it is fine, in this case. but yes, I want to reuse it for the system.
The re-install is motivated by a potential break into the system -- so by 'wipe' I mean removing anything residing on that disk that may cause trouble.
It's unclear to me the best way to do that.
TrevorH: it sounds like you're recommending going the customize partition route during the install as a way to format the drive? And then one will need to allocate the rest of the set up as well -- which takes some thought.
MartinR, tunk, you suggested some good ideas as well.
But will these insure that all the 'bad actors' are gone? And let's say I use something like 'KillDisk', so do I: 1) Log in (Centos is setup now); 2) Run KillDisk on the system drive (with all the boot info and / ), 3) and then reboot from the USB and re-install? Seems like formatting that drive while logged in will be an issue -- ??? Trying to make sure I understand the the whole process.
thanks for the help!
So, completely totally 'wiping' it is fine, in this case. but yes, I want to reuse it for the system.
The re-install is motivated by a potential break into the system -- so by 'wipe' I mean removing anything residing on that disk that may cause trouble.
It's unclear to me the best way to do that.
TrevorH: it sounds like you're recommending going the customize partition route during the install as a way to format the drive? And then one will need to allocate the rest of the set up as well -- which takes some thought.
MartinR, tunk, you suggested some good ideas as well.
But will these insure that all the 'bad actors' are gone? And let's say I use something like 'KillDisk', so do I: 1) Log in (Centos is setup now); 2) Run KillDisk on the system drive (with all the boot info and / ), 3) and then reboot from the USB and re-install? Seems like formatting that drive while logged in will be an issue -- ??? Trying to make sure I understand the the whole process.
thanks for the help!
Re: Complete Re-Install of Centos7
Your last paragraph sounds as though you want to cut off the branch you are sitting on. Most software I've seen relies on the OS being present, which if you wipe the system disk it won't be!
There's a phrase "controlling the paranoia" which applies here. Why are you sure you want to wipe the disk? The normal procedure is to determine what the risk of exposure is and who the attackers are. One extreme is that the disk just contains cooking recipes that you don't want your neighbours to steal, at the other extreme you've got nuclear release codes that NSA, MOSSAD, KGB and BOSS are after. Pretty well all users are near the first example, and should protect accordingly.
In order or increasing severity your options are: do nothing, format, blank, shred, destroy. If I'm installing a new system onto a disk I just let the system handle it. Sure the old data may be there, but it's inaccessible from the filesystem and won't cause any problems for the new system. Next, if you want the comfort blanket, reformat it (but then this is what the installer will do if you alter the partitions). dd and friends allow you to remove any chance that data will be accessible by the system after the rebuild. This should be good enough for most private use. If you've got stuff that is "of interest" to the police or other agencies of the state, then you might need to shred using KillDisk or similar. Finally, if you've got the most sensitive information destruction is the only possibility, but why are you asking here? If you had that level of material you would have a security officer breathing down your neck!
As I said, control the paranoia. Evaluate the risk and just do what's needed, not what a couple of blokes on the internet said you could do.
There's a phrase "controlling the paranoia" which applies here. Why are you sure you want to wipe the disk? The normal procedure is to determine what the risk of exposure is and who the attackers are. One extreme is that the disk just contains cooking recipes that you don't want your neighbours to steal, at the other extreme you've got nuclear release codes that NSA, MOSSAD, KGB and BOSS are after. Pretty well all users are near the first example, and should protect accordingly.
In order or increasing severity your options are: do nothing, format, blank, shred, destroy. If I'm installing a new system onto a disk I just let the system handle it. Sure the old data may be there, but it's inaccessible from the filesystem and won't cause any problems for the new system. Next, if you want the comfort blanket, reformat it (but then this is what the installer will do if you alter the partitions). dd and friends allow you to remove any chance that data will be accessible by the system after the rebuild. This should be good enough for most private use. If you've got stuff that is "of interest" to the police or other agencies of the state, then you might need to shred using KillDisk or similar. Finally, if you've got the most sensitive information destruction is the only possibility, but why are you asking here? If you had that level of material you would have a security officer breathing down your neck!
As I said, control the paranoia. Evaluate the risk and just do what's needed, not what a couple of blokes on the internet said you could do.
Re: Complete Re-Install of Centos7
Indeed.
* If you assume that your system is compromised, then you don't boot with/into it.
* If you boot with the installer USB, then you don't access nor depend on anything on the disk (initially).
You can do three operations with that USB:
a) Mount filesystems from disk to read/write. Rescue. You don't want to do that here.
b) Do operations from command-line (dd, fdisk) without mounting or proceeding with installation
c) Tell the installer to change partitions and format* filesystems.
"KillDisk"-like tools tend to come on bootable media. Like the installer USB, but runs different program.
*I'd rephrase "format" as "initialize metadata of a filesystem".
Re: Complete Re-Install of Centos7
A very good point. No-one lays down format tracks these days.*I'd rephrase "format" as "initialize metadata of a filesystem".