People always talk about the convenience of hosted servers or cloud server instances. But what do you do with them when they're no longer needed? Sure, you can tell the provider to destroy them, but that's hardly a guarantee the data on those boxes will actually be wiped securely. Without physical access to the servers, you can't yank the disks out, write zeros on all blocks, and beat them with a sledgehammer. How can you be reasonably sure that your hosted (or cloud) server is completely destroyed when you're done with it?
This question popped up in a discussion I had with Matt Prigge recently. Several Linux boxes at a hosting provider had uptimes north of three years and needed to be completely wiped without any type of physical access. In this case, rebooting the boxes was out of the question because there was no guarantee they'd reboot properly. That might leave them inoperable, but the data on those systems could still be pilfered by anyone with physical access. Though it's easy enough to wipe hard disks with tools like Darik's Boot and Nuke, that wasn't an option here.
You could run rm -rf / as root and let it go. That might mess up the box, but it won't guarantee that everything has been deleted securely. In fact, you can't even guarantee it'll delete every file, much less render them unrecoverable -- and after a while, the server will become unresponsive, putting it into an unknown state that cannot be verified.
Luckily, there are other methods of securely erasing running Linux servers.
The goal in my case was to perform several zeroing passes on all local disks, making sure to destroy the MBR (master boot record), which is a reasonably thorough method of ensuring that all data on disk is gone forever. (Unfortunately, the sledgehammer would have to sit this one out.) Also, I wanted confirmation that the disks had been completely wiped -- and the box should shut down at the end of the zeroing passes.
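As an added illustration of the "zero it, then confirm it" part of that goal (this is not the article's own procedure, and it does not cover keeping a server alive while its own disks are erased or the final shutdown), the sketch below runs several zeroing passes over one target and then checks that every byte, MBR included, reads back as zero. The function names are hypothetical, and it assumes GNU coreutils (dd, head, cmp) and util-linux blockdev.

```shell
#!/bin/sh
# Added example, not the article's procedure. Defines functions only; nothing
# is erased until wipe_and_verify is called with a target you choose.

# Size in bytes of a block device or (for rehearsal) a regular file.
target_size() {
    if [ -b "$1" ]; then
        blockdev --getsize64 "$1"
    else
        wc -c < "$1" | tr -d ' '
    fi
}

# One zeroing pass from byte 0, so the MBR (first 512 bytes) is overwritten
# too. head -c bounds the write to the exact size: dd ends cleanly instead of
# failing with "No space left on device", and a test file never grows.
zero_pass() {
    size=$(target_size "$1") || return 1
    head -c "$size" /dev/zero | dd of="$1" bs=1M conv=notrunc,fsync 2>/dev/null
}

# Confirmation step: succeed only if every byte reads back as zero.
verify_zeroed() {
    size=$(target_size "$1") || return 1
    # Drop cached blocks so the read-back comes from the disk, not from RAM.
    if [ -b "$1" ]; then blockdev --flushbufs "$1" || return 1; fi
    # /dev/zero is endless, so -n limits the comparison to the target's size.
    cmp -s -n "$size" "$1" /dev/zero
}

# Run PASSES zeroing passes (default 3), then verify. Non-zero exit on failure.
wipe_and_verify() {
    target=$1
    passes=${2:-3}
    i=1
    while [ "$i" -le "$passes" ]; do
        zero_pass "$target" || { echo "pass $i failed: $target" >&2; return 1; }
        i=$((i + 1))
    done
    verify_zeroed "$target" || { echo "NOT ZERO: $target" >&2; return 1; }
    echo "verified all-zero after $passes passes: $target"
}

# Rehearsal on a scratch file (constructed sample path):
#   head -c 1048576 /dev/urandom > /tmp/scratch.img
#   wipe_and_verify /tmp/scratch.img 3
```

Because the exit status of wipe_and_verify reflects the read-back check, whatever runs next (logging the result, powering the box off) can be made conditional on a confirmed wipe rather than on the passes merely having run.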