Zeroizing the System
To zeroize your device, follow the below procedure:
-
Login to the device as Crypto Officer and from CLI, enter the following
command.
crypto-officer@host> request vmhost zeroize no-forwarding VMHost Zeroization : Erase all data, including configuration and log files ? [yes,no] (no) yes
- To initiate the zeroization process, type yes at the prompt:
Erase all data, including configuration and log files? [yes, no] (no) yes VMHost Zeroization : Erase all data, including configuration and log files ? [yes,no] (no) yes warning: Vmhost will reboot and may not boot without configuration warning: Proceeding with vmhost zeroize Zeroise secondary internal disk ... Proceeding with zeroize on secondary disk Mounting device in preparation for zeroize... Cleaning up target disk for zeroize ... Zeroize done on target disk. Zeroize of secondary disk completed Zeroize primary internal disk ... Proceeding with zeroize on primary disk /etc/ssh/ssh_host_ecdsa_key.pub /etc/ssh/ssh_host_rsa_key.pub /etc/ssh/ssh_host_ecdsa_key /etc/ssh/ssh_host_dsa_key /etc/ssh/ssh_host_dsa_key.pub /etc/ssh/ssh_host_rsa_key Mounting device in preparation for zeroize... Cleaning up target disk for zeroize ... Zeroize done on target disk. Zeroize of primary disk completed Zeroize done warning: Proceeding with vmhost reboot Initiating vmhost reboot...
The entire operation can take considerable time depending on the size of the media, but all critical security parameters (CSPs) are removed within a few seconds. The physical environment must remain secure until the zeroization process is complete.