Security – What to Do Before Giving Away an Ubuntu Machine

Security

I have an old laptop that is running Ubuntu. Now I want to give away this laptop, but I want to remove all private data. So what should I remove? I don't want to format the whole system, because the OS will be still in use by the new owner.

Best Answer

You normally have all your private data in /home, especially browser cache and so on.

You might have private internet-settings in /etc/Network-Manager. Visit /etc, and look into the directories. Reconfigure your things, delete private data (WLAN key), see if everything is vanished. If not, remove by hand. mc (midnight commander) is a useful tool to iterate through directories, to view and delete files. (shred, see bottom).

Another directory with private Data might be /var/spool or /var/cache. For example the cups-printer-spooler produces summaries of printjobs, and document name, date of job can be reconstructed. Maybe you wish to clean them too.

Those files in /tmp get automatically deleted on every startup. So if you didn't reorganized things, which only you may know,

  • create a fresh new account without password for the new user, (who is prompted for a password on the first login) and give this user the right to become superuser. Look at your own profile to copy your privileges before deletion.
  • login with the recover-option to get root access, and
    • cd /home/roflcoptr
    • find . -delete # or, instead of -delete, you might consider shred:
    • find . -execdir shred -n 1 {} +
    • control with ls
    • delete your normal account (see: /etc/passwd, /etc/shadow) (suggested from the comments, thanks @intuited, give him a star)

If you consider to clean empty space (@intuiteds second advice, maybe we should donate a star?), It would be more easy to use a live-cd to shred the whole system (which can continue unattended) and then install a new one (needs about 45 minutes with few interactions, mostly in the beginning). This could be in general the faster solution. More than one schred-iteration is nonsense.