I have an old laptop that is running Ubuntu. Now I want to give away this laptop, but I want to remove all private data. So what should I remove? I don't want to format the whole system, because the OS will be still in use by the new owner.
Asked
Active
Viewed 3.1k times
9 Answers
33
You normally have all your private data in /home, especially browser cache and so on.
You might have private internet-settings in /etc/Network-Manager. Visit /etc, and look into the directories. Reconfigure your things, delete private data (WLAN key), see if everything is vanished. If not, remove by hand. mc (midnight commander) is a useful tool to iterate through directories, to view and delete files. (shred, see bottom).
Another directory with private Data might be /var/spool or /var/cache. For example the cups-printer-spooler produces summaries of printjobs, and document name, date of job can be reconstructed. Maybe you wish to clean them too.
Those files in /tmp get automatically deleted on every startup. So if you didn't reorganized things, which only you may know,
- create a fresh new account without password for the new user, (who is prompted for a password on the first login) and give this user the right to become superuser. Issue a
groupscommand at your own profile, to copy useful privileges like lpadmin, plugdev, scanner, ... before deletion. - login with the recover-option to get root access, and
- cd /home/roflcoptr
find . -delete #or, instead of -delete, you might consider shred:find . -execdir shred -n 1 {} +- control with
ls - delete your normal account (see: /etc/passwd, /etc/shadow) (suggested from the comments, thanks @intuited, give him a star)
If you consider cleaning empty space (@intuiteds second advice, maybe we should donate a star?), It would be more easy to use a live-cd to shred the whole system (which can continue unattended) and then install a new one (needs about 25 minutes with few interactions, mostly in the beginning). This could be in general the faster solution. More than one shred iteration is nonsense.
user unknown
- 6,892
19
Your safest option is to use something like DBAN to securely wipe the disk and then reinstall from scratch.
If you want to provide the same application profile to the recipient, you can use dpkg --get-selections to dump the system package state before wiping, and then use dpkg --set-selections after reinstallation to tell the new system that you want those packages installed. This will allow you to conveniently reinstall all the apps that you had set up.
The tool aptitude-create-state-bundle can also be used for this purpose, and is likely preferable, since it works at a higher level and can remember what packages were explicitly installed by you.
intuited
- 7,375
12
In my opinion, doing a complete disk wipe and reinstall of the OS is easier, less time-consuming, and more likely to erase everything that you wanted to erase. True, wiping the whole disk will take a long time, but you can go do something else while you wait. Removing specific packages and files from the existing OS is an involved process that requires lots of thinking and leaves lots of room for error. A complete reinstall accomplishes the same thing, only more effectively and with less work on your part.
Ryan C. Thompson
- 4,544
6
In complement to very good advice already given:
If you have been running local servers for development purposes, such as apache2, mysql, etc. I would advise to remove them using the "purge" option (it destroys conf files), be sure to remove the data and log directories and files (such as found in /var/log/ and /var/www/ or /var/lib/xxxx/ by default but in other places of your choice in you made a custom config) and then reinstall them with their default settings if needed by the new user.
Another advice for paranoid/clean people is to regenerate a new ssh server host key for the machine.
rm /etc/ssh/ssh_host_*
dpkg-reconfigure openssh-server
so that it is no more considered as a known host by others.
ogerard
- 161
3
Run Bleachbit. http://bleachbit.sourceforge.net/
This way you may choose exactly what you want to remove without using some complicated command lines.
3
I personally use any method methods to wipe the drive
# from a live CD
dd if=/dev/zero of=/dev/sda bs=iM
Or DBAN or scrub (again from a live CD)
sudo apt-get install scrub
sudo scrub -p dod -f /dev/sda
You can the do an OEM install
2
If the data is not very important, you can create a new user and delete the old one.
Marco Ceppi
- 48,827
1
There are varying levels of security. Personally, I play it a little more paranoid. I wouldn't give away a hard drive if I've stored sensitive info on it. It might be worth it to you to just buy a new hard drive and install Ubuntu on it for whoever you're giving this to.
If you aren't this paranoid, or your data isn't that sensitive, see user unknown's post.
0
Very old question i know. Most of us have spare disks knocking about from old systems and even if you don't they are cheap enough now that you could easily just buy a new one and replace the existing disk in the laptop/computer.
All you need to do then is install the operating system via OEM install option and the new owner sets up their own account on first login, plenty of answers on that right here on askubuntu so I won't rehash that.
Simply put, you keep/destroy your disk that might contain sensitive information and put another disk in.
CodingInTheUK
- 146