Forum: >>> Magnum BBS <<<

Add option in Debian installer to skip secure delete step

From josesanchez2782@21:1/5 to All on Thu Jan 30 21:10:01 2025

SGVsbG8sIEkgd291bGQgbGlrZSB0byBzdWdnZXN0IGEgbmV3IG9wdGlvbiBpbiB0aGUgRGViaWFu IEdVSSBpbnN0YWxsZXIuIEN1cnJlbnRseSwgd2hlbiB5b3UgZW5hYmxlIGZ1bGwgZGlzayBlbmNy eXB0aW9uIHdpdGggTFVLUywgaXQgYXV0b21hdGljYWxseSBvdmVyd3JpdGVzIGFsbCB0aGUgYml0 cyBpbiB0aGUgZHJpdmUgaW4gdGhlIHNlY3VyZSBkZWxldGUgc3RlcCBiZWZvcmUgZW5hYmxpbmcg TFVLUyBhbmQgaW5zdGFsbGluZyBEZWJpYW4uCgpBbHRob3VnaCB0aGlzIGlzIG1vcmUgc2VjdXJl IGJlY2F1c2UgaXQgZXJhc2VzIGFsbCByZW1haW5pbmcgZGF0YSBvbiB0aGUgZHJpdmUgYW5kIG1h a2VzIGl0IGhhcmRlciB0byBndWVzcyB3aGVyZSB0aGUgbmV3IGVuY3J5cHRlZCBkYXRhIGlzIGFu ZCB3aGVyZSB0aGUgb2xkIGRhdGEgaXMsIHRoZXJlIGFyZSBzb21lIHVzZXJzIHdobyB3YW50IHRv IHNraXAgdGhpcyBzdGVwIGluIG9yZGVyIHRvIGNhdXNlIGxlc3MgZGFtYWdlIHRvIHRoZSBkcml2 ZSwgb3IgYmVjYXVzZSB0aGVpciBkcml2ZSBhbHJlYWR5IGhhZCByYW5kb20gb3IgZW5jcnlwdGVk IHZhbHVlcy4KSXQgd291bGQgYmUgbmljZSB0byBoYXZlIGEgY2hlY2tib3ggdGhhdCBhbGxvd3Mg eW91IHRvIHNlbGVjdCB3aGV0aGVyIG9yIG5vdCB0byBwZXJmb3JtIHRoZSBzZWN1cmUgZGVsZXRl IGFmdGVyIHlvdSBoYXZlIGNob3NlbiB0byBlbmNyeXB0IHRoZSBkaXNrIGluIHRoZSBHVUkgaW5z dGFsbGVyLg==

PGRpdiBzdHlsZT0iZm9udC1mYW1pbHk6IEFyaWFsLCBzYW5zLXNlcmlmOyBmb250LXNpemU6IDE0 cHg7Ij48c3Bhbj5IZWxsbywgSSB3b3VsZCBsaWtlIHRvIHN1Z2dlc3QgYSBuZXcgb3B0aW9uIGlu IHRoZSBEZWJpYW4gR1VJIGluc3RhbGxlci4gQ3VycmVudGx5LCB3aGVuIHlvdSBlbmFibGUgZnVs bCBkaXNrIGVuY3J5cHRpb24gd2l0aCBMVUtTLCBpdCBhdXRvbWF0aWNhbGx5IG92ZXJ3cml0ZXMg YWxsIHRoZSBiaXRzIGluIHRoZSBkcml2ZSBpbiB0aGUgc2VjdXJlIGRlbGV0ZSBzdGVwIGJlZm9y ZSBlbmFibGluZyBMVUtTIGFuZCBpbnN0YWxsaW5nIERlYmlhbi48L3NwYW4+PGRpdj48YnI+PC9k aXY+PGRpdj48c3Bhbj5BbHRob3VnaCB0aGlzIGlzIG1vcmUgc2VjdXJlIGJlY2F1c2UgaXQgZXJh c2VzIGFsbCByZW1haW5pbmcgZGF0YSBvbiB0aGUgZHJpdmUgYW5kIG1ha2VzIGl0IGhhcmRlciB0 byBndWVzcyB3aGVyZSB0aGUgbmV3IGVuY3J5cHRlZCBkYXRhIGlzIGFuZCB3aGVyZSB0aGUgb2xk IGRhdGEgaXMsIHRoZXJlIGFyZSBzb21lIHVzZXJzIHdobyB3YW50IHRvIHNraXAgdGhpcyBzdGVw IGluIG9yZGVyIHRvIGNhdXNlIGxlc3MgZGFtYWdlIHRvIHRoZSBkcml2ZSwgb3IgYmVjYXVzZSB0 aGVpciBkcml2ZSBhbHJlYWR5IGhhZCByYW5kb20gb3IgZW5jcnlwdGVkIHZhbHVlcy48L3NwYW4+ PC9kaXY+PGRpdj48YnI+PC9kaXY+PHNwYW4+SXQgd291bGQgYmUgbmljZSB0byBoYXZlIGEgY2hl Y2tib3ggdGhhdCBhbGxvd3MgeW91IHRvIHNlbGVjdCB3aGV0aGVyIG9yIG5vdCB0byBwZXJmb3Jt IHRoZSBzZWN1cmUgZGVsZXRlIGFmdGVyIHlvdSBoYXZlIGNob3NlbiB0byBlbmNyeXB0IHRoZSBk aXNrIGluIHRoZSBHVUkgaW5zdGFsbGVyLjwvc3Bhbj48YnI+PC9kaXY+PGRpdiBjbGFzcz0icHJv dG9ubWFpbF9zaWduYXR1cmVfYmxvY2siIHN0eWxlPSJmb250LWZhbWlseTogQXJpYWwsIHNhbnMt c2VyaWY7IGZvbnQtc2l6ZTogMTRweDsiPg0KPC9kaXY+DQo=

--- SoupGate-Win32 v1.05
* Origin: fsxNet Usenet Gateway (21:1/5)

From Marc Haber@21:1/5 to All on Thu Jan 30 21:30:02 2025

On Thu, Jan 30, 2025 at 07:52:12PM +0000, josesanchez2782 wrote:

Hello, I would like to suggest a new option in the Debian GUI installer. Currently, when you enable full disk encryption with LUKS, it automatically overwrites all the bits in the drive in the secure delete step before enabling LUKS and installing

Debian.

That option does already exist. It is however not obvious. And I always
forget to set it, too.

Greetings
Marc

-- ----------------------------------------------------------------------------- Marc Haber | "I don't trust Computers. They | Mailadresse im Header Leimen, Germany | lose things." Winona Ryder | Fon: *49 6224 1600402 Nordisch by Nature | How to make an American Quilt | Fax: *49 6224 1600421

--- SoupGate-Win32 v1.05
* Origin: fsxNet Usenet Gateway (21:1/5)

From Pascal Hambourg@21:1/5 to Marc Haber on Thu Jan 30 21:50:01 2025

On 30/01/2025 at 21:28, Marc Haber wrote:

On Thu, Jan 30, 2025 at 07:52:12PM +0000, josesanchez2782 wrote:

Hello, I would like to suggest a new option in the Debian GUI
installer. Currently, when you enable full disk encryption with LUKS, it
automatically overwrites all the bits in the drive in the secure delete
step before enabling LUKS and installing Debian.

That option does already exist. It is however not obvious. And I always forget to set it, too.

The option is labelled "Erase data" (yes/no) in the encrypted partition settings, but it is available in manual partitioning only, not during
guided partitioning. However when the erasure has started, you can stop
it anytime by selecting "Cancel".

--- SoupGate-Win32 v1.05
* Origin: fsxNet Usenet Gateway (21:1/5)

From Philip Hands@21:1/5 to Marc Haber on Thu Jan 30 22:30:01 2025

Marc Haber <mh+debian-boot@zugschlus.de> writes:

On Thu, Jan 30, 2025 at 07:52:12PM +0000, josesanchez2782 wrote:

Hello, I would like to suggest a new option in the Debian GUI installer. Currently, when you enable full disk encryption with LUKS, it automatically overwrites all the bits in the drive in the secure delete step before enabling LUKS and installing

Debian.

That option does already exist. It is however not obvious. And I always forget to set it, too.

I was under the impression that one could simply cancel the erase, and
continue with the install.

Actually, looking at the relevant templates, it is even supposed to tell
you that:

https://salsa.debian.org/installer-team/partman-crypto/-/blob/master/debian/partman-crypto.templates?ref_type=heads#L222

"... This step may be skipped by cancelling this action, albeit ..."

so if that's not showing up on the screen for you, please report a bug.

Also, since Stretch (Debian 9) we've had a preseed variable for the purpose:

partman-auto-crypto/erase_disks

which can be set to 'false' to skip this step, as you can see here:

https://preseed.debian.net/debian-preseed/stretch/amd64-main-full.txt

(look for "erase_disks")

HTH

Cheers, Phil.
--
Philip Hands -- https://hands.com/~phil

--=-=-Content-Type: application/pgp-signature; name="signature.asc"

-----BEGIN PGP SIGNATURE-----

iQIzBAEBCgAdFiEE3/FBWs4yJ/zyBwfW0EujoAEl1cAFAmeb7g8ACgkQ0EujoAEl 1cDD8xAAt5wdd5hKiT0Axq79h8F9DuXqwQvwFWWu1JdDvfI6208qyX8aYMltN4xY 5/iFWFeYl//FcM2fi7kRaPTVtkjjE1wkpxU5ogB4T4ULloYNJICPHJ+wLS8SEskl HLjnY3dgv64s15l/88TnKLMCPpXioXJzZCQEE7JWiNvJPhiZWX+62HeG2gX8XXni az8DLBM4cTNKD7g+60+fPIYCsKFIxXzJt7sjwnZgImlbC2bQb3OfLyCrHigs00q/ RHJDaka1Jlww9HzSIadDOA3Bm2xMTkF31YFqOyEbJUpNV/Z0fRm+g3H3gNuARKQZ IqvM0eChirnu4a4Xm+Ub47lAo5bsmrSuuvzwd/54G/cS6vxv+vx0vyKx1VLV6Mcc emfheqZxM3TZ6uNh/TA4uAxdS/aMPqIBPsUvn6MlUQeA5REPwbTAC1nX1ada80yh eN28MBBtSnK/IxSuK8Hs2qwVwvnFeZXZ7TB9ZFjGICY/5cKGhdNGNEu7UPo12vEV dBJhKsy+UNAnMtDoLHIfwXsS9VRiNMIyhgmq18NB9zGDO+7TBkpEkAGGpK4guoz6 YcyGWIKbxbdNxbYA/rmrTYYjXYNjZeP23+EwO3VHj2PNgqjFAQ47E169JO3xn1DW 9E1KhhNk/Vv2sHcxbWWxkRpcZf4U63dcO9SK0qURrdF44r0CCCM=otqy
-----END PGP SIGNATURE-----

--- SoupGate-Win32 v1.05
* Origin: fsxNet Usenet Gatewa

Who's Online
Recent Visitors
- Bob Worm
  Mon Jun 2 15:57:49 2025
  from Wales, Uk via Telnet
- Plume
  Mon Jun 2 10:12:53 2025
  from Uk via SSH
- Gwylbert
  Mon Jun 2 10:11:12 2025
  from Sydney, Nsw via Telnet
- Bob Worm
  Sun Jun 1 21:37:25 2025
  from Wales, Uk via Telnet
- Gwylbert
  Sun Jun 1 12:06:10 2025
  from Sydney, Nsw via Telnet
- Centurion
  Sat May 31 22:40:00 2025
  from Berea, Ohio via Telnet
- Bob Worm
  Sat May 31 22:37:33 2025
  from Wales, Uk via Telnet
- Bob Worm
  Sat May 31 22:22:24 2025
  from Wales, Uk via Telnet

System Info

Sysop:	Keyop
Location:	Huddersfield, West Yorkshire, UK
Users:	483
Nodes:	16 (2 / 14)
Uptime:	15:14:40
Calls:	9,617
Calls today:	3
Files:	13,692
Messages:	6,156,365

Add option in Debian installer to skip secure delete step

Who's Online

Recent Visitors

System Info