[CentOS-virt] Problem with lvm disks assigned to kvm guests

Nico Kadel-Garcia nkadel at gmail.com
Thu Feb 6 11:56:22 UTC 2014


On Thu, Feb 6, 2014 at 6:17 AM, Dennis Jacobfeuerborn
<dennisml at conversis.de> wrote:
> On 06.02.2014 12:05, C. L. Martinez wrote:
>> On Thu, Feb 6, 2014 at 11:01 AM, Dennis Jacobfeuerborn


>> Many thanks Dennis ... Then if I do:
>>
>> dd if=/dev/zero of=/dev/sdc1 bs=1M (it is a 1TiB disk), will erase all
>> data and partitions created by the kvm guest??
>
> That should work although if you want to be really safe you should
> probably use /dev/urandom instead of /dev/zero as using random data is a
> better way to deal with the problem of data remanence:
>
> http://en.wikipedia.org/wiki/Data_remanence#Overwriting
>
> Regards,
>    Dennis

To avoid seeing the old partitions or boot loader, you can simply zero
the partition information. That will avoid the confusion, and it is
*much, much faster* than zeroing the whole disk.

              dd if=/dev/zero of=/dev/sdc1 count=100

/dev/urandom take *much* longer.. Also, that article you mention
merely describes the technique.  The *expense* of data recovery from
something that's been overwritten simply with zeroes or ones is
hideous, and the results quite poor according to previous analyses
I've seen. So while thousands of Google articles recommend "for real
security, use /dev/urandom", it's extremely difficult to find any that
justify the expense and time.

If you really feel the need to do military grade scrubbing, use
"dban", with the source code available at
http://sourceforge.net/projects/dban/files/dban/dban-2.2.8/.. It's at
the core of most disk erasure CD's and  USB stick tools that I've
seen..


More information about the CentOS-virt mailing list