Could you please test the sdmem(1) — secure-delete — Debian bookworm — Debian Manpages command. Check the timing. How long the command requires to complete. Because the same time will be required on every reboot / shutdown.
Note: There’s a chance it might freeze a VM or host operating system. It didn’t happen to me yet but better to have this in mind.
Installation:
sudo apt update
sudo apt install secure-delete time
Disabling swap is required. Otherwise smem would fill up all RAM and the system highly likely to permanently freeze.
sudo swapoff --all
To verify that swap is off:
sudo swapon --show ; echo $?
Expected output:
0
Built-in help:
sudo sdmem -h
Default mode:
time sudo sdmem
Verbose mode:
time sudo sdmem -v
Probably better because it shows some progress.
For just a single pass of RAM wipe with zeros:
- without verbose mode:
-
time sudo sdmem -l -l
-
- with verbose mode:
-
time sudo sdmem -l -l -v
-
The time command is optional. Can be dropped. But useful here to measure how long it takes.
Default mode does, quote:
27 passes with special values defined by Peter Gutmann.
Not sure that is really necessary because if I remember right, Peter Gutmann was about hard drives, not RAM. Is there any research how many passes RAM wipe requires?
Should RAM wipe be skipped inside VMs for faster reboot / shutdown times? I am not sure about the dynamics of RAM wipe in VMs. In worst case, the VM might start use swap file on the host operating system. Therefore I tend to say RAM wipe should be skipped if a VM is detected.