Ubuntu

Unistal, delete, libavcodec53,Libavutil51

Asked by Gabor Kovacs

Is there a way (mount option?) to securely delete files from ecryptfs? I mean of e.g. overwriting the file encryption key metadata with zeroes on the underlying filesystem by file removal so undeleting the file on the underlying file system will result in an undecipherable file.

Of course overwriting and recoverability of bits from the hardware is a complicated issue but just focus on the software side now, considering an overwritten piece of data changed.

Question information

Language:
Italian (Italy) Edit question
Status:
Answered
For:
Ubuntu Edit question
Assignee:
No assignee Edit question
Last query:
Last reply:
Revision history for this message
Dustin Kirkland  (kirkland) said : 		#1

Not that I'm aware of.

Revision history for this message
Ted_Smith (tedsmith28) said : 		#2

Not sure I understand your question.

You want to wipe the lower level filesystem files - those that are encrypted and those that are used to do the encryption to prevent further recovery of data? If so, can't you just unmount and then wipe the eCryptfs files like any other file? Either way, encrypted or not, you're not going to get the data back.

Simple way is to delete all the files first once you've unmounted. So in the case of a private home directory setup :

cd ~/.Private
sudo rm *
cat /dev/zero > WatchMeFillFreeSpaceWithZeroes.txt

?

Or you could use shred (man shred in your distro)

Obviously, this will totally screw up your eCryptfs data.

Though I'm guessing I have mis-understood your question.

Can you help with this problem?

Provide an answer of your own, or ask Gabor Kovacs for more information if necessary.

To post a message you must log in.