A checked version of this page, approved on 6 February 2023, was based on this revision.

url]
Copy as phpBB Click below ↴ = Open social URL with share data We don't use embedded scripts This share button is completely self-hosted by this webserver. No scripts from any of the social networks are embedded on this webserver. See also Social Share Button.

1. Migrate to dracut. ^[1]

It's required to migrate to dracut if not already done. There's a small chance of the system getting unbootable because this changes the initrd creation tool. This might only happen on systems with unusual configurations. The author is not aware of any actual issues but it is prudent to always have a backup and be careful. If there are any issues with dracut, please do not report such issues here since these are totally unspecific to Kicksecure.

Install package(s) dracut following these instructions

Platform specific notice.

Kicksecure: No special notice.
Kicksecure-Qubes: In Template.

Update the package lists and upgrade the system.

Click = Copy Copied to clipboard! sudo apt update && sudo apt full-upgrade

Install the dracut package(s).

Using apt command line --no-install-recommends option is in most cases optional.

Click = Copy Copied to clipboard! sudo apt install --no-install-recommends dracut

Platform specific notice.

Kicksecure: No special notice.
Kicksecure-Qubes: Shut down Template and restart App Qubes based on it as per Qubes Template Modification.

Done.

The procedure of installing package(s) dracut is complete.

2. Reboot.

This is to test if dracut is functional.

3. Add Kicksecure APT repository.

NOTE: Users of Kicksecure can skip this step.

1. Download the Signing Key.

Click = Copy Copied to clipboard! wget https://www.kicksecure.com/keys/derivative.asc

2. Optional: Check the Signing Key for better security.

3. Add Kicksecure signing key.

Click = Copy Copied to clipboard! sudo cp derivative.asc /usr/share/keyrings/derivative.asc

4. Kicksecure APT repository choices.

Optional: See Kicksecure Packages for Debian Hosts and Kicksecure Host Enhancements instead of the next step for more secure and complex options.

5. Add Kicksecure APT repository.

Click = Copy Copied to clipboard! echo "deb [signed-by=/usr/share/keyrings/derivative.asc] https://deb.kicksecure.com trixie main contrib non-free" | sudo tee /etc/apt/sources.list.d/derivative.list

4. Install ram-wipe.

Install package(s) ram-wipe following these instructions

Platform specific notice.

Kicksecure: No special notice.
Kicksecure-Qubes: In Template.

Update the package lists and upgrade the system.

Click = Copy Copied to clipboard! sudo apt update && sudo apt full-upgrade

Install the ram-wipe package(s).

Using apt command line --no-install-recommends option is in most cases optional.

Click = Copy Copied to clipboard! sudo apt install --no-install-recommends ram-wipe

Platform specific notice.

Kicksecure: No special notice.
Kicksecure-Qubes: Shut down Template and restart App Qubes based on it as per Qubes Template Modification.

Done.

The procedure of installing package(s) ram-wipe is complete.

5. Done.

The process of installing ram-wipe has been completed.

Sample Printout Copy or share this direct link! Click = Copy Copied to clipboard! https://www.kicksecure.com/wiki/Ram-wipe?direction=next&oldid=67663#Sample_Printout Click below ↴ = Copy to Clipboard Click = Copy Copied to clipboard! [[Ram-wipe#Sample_Printout|Sample Printout]]
Copy as Wikitext Click = Copy Copied to clipboard! [Sample Printout](https://www.kicksecure.com/wiki/Ram-wipe?direction=next&oldid=67663#Sample_Printout)
for Discourse, reddit, GitHub Click = Copy Copied to clipboard! [Sample Printout](https://www.kicksecure.com/wiki/Ram-wipe?direction=next&oldid=67663#Sample_Printout)
Copy as Markdown Click = Copy Copied to clipboard! [url=https://www.kicksecure.com/wiki/Ram-wipe?direction=next&oldid=67663#Sample_Printout]Sample Printout[/url]
Copy as phpBB Click below ↴ = Open social URL with share data We don't use embedded scripts This share button is completely self-hosted by this webserver. No scripts from any of the social networks are embedded on this webserver. See also Social Share Button.

Boot Printout Copy or share this direct link! Click = Copy Copied to clipboard! https://www.kicksecure.com/wiki/Ram-wipe?direction=next&oldid=67663#Boot_Printout Click below ↴ = Copy to Clipboard Click = Copy Copied to clipboard! [[Ram-wipe#Boot_Printout|Boot Printout]]
Copy as Wikitext Click = Copy Copied to clipboard! [Boot Printout](https://www.kicksecure.com/wiki/Ram-wipe?direction=next&oldid=67663#Boot_Printout)
for Discourse, reddit, GitHub Click = Copy Copied to clipboard! [Boot Printout](https://www.kicksecure.com/wiki/Ram-wipe?direction=next&oldid=67663#Boot_Printout)
Copy as Markdown Click = Copy Copied to clipboard! [url=https://www.kicksecure.com/wiki/Ram-wipe?direction=next&oldid=67663#Boot_Printout]Boot Printout[/url]
Copy as phpBB Click below ↴ = Open social URL with share data We don't use embedded scripts This share button is completely self-hosted by this webserver. No scripts from any of the social networks are embedded on this webserver. See also Social Share Button.

Loading Linux 5.10.0-21-amd64 ...
Loading initial ramdisk ...
[    1.901368] dracut-pre-udev[164]: INFO: wipe-ram-exit.sh: Skip, because wiperamexit kernel parameter is unset, OK.
[    1.937683] dracut-pre-trigger[186]: INFO: wipe-ram-exit-needshutdown.sh: normal boot...
[    3.899932] dracut-pre-pivot[355]: INFO: wipe-ram-needshutdown.sh: wiperam=force kernel parameter detected, OK.
[    3.901024] dracut-pre-pivot[355]: INFO: wipe-ram-needshutdown.sh: Calling dracut function need_shutdown to drop back into initramfs at shutdown, OK.
[    5.633977] cold-boot-attack-defense-status[600]: /usr/libexec/ram-wipe/cold-boot-attack-defense-status: INFO: Will run at shutdown, ok.

Shutdown Printout Copy or share this direct link! Click = Copy Copied to clipboard! https://www.kicksecure.com/wiki/Ram-wipe?direction=next&oldid=67663#Shutdown_Printout Click below ↴ = Copy to Clipboard Click = Copy Copied to clipboard! [[Ram-wipe#Shutdown_Printout|Shutdown Printout]]
Copy as Wikitext Click = Copy Copied to clipboard! [Shutdown Printout](https://www.kicksecure.com/wiki/Ram-wipe?direction=next&oldid=67663#Shutdown_Printout)
for Discourse, reddit, GitHub Click = Copy Copied to clipboard! [Shutdown Printout](https://www.kicksecure.com/wiki/Ram-wipe?direction=next&oldid=67663#Shutdown_Printout)
Copy as Markdown Click = Copy Copied to clipboard! [url=https://www.kicksecure.com/wiki/Ram-wipe?direction=next&oldid=67663#Shutdown_Printout]Shutdown Printout[/url]
Copy as phpBB Click below ↴ = Open social URL with share data We don't use embedded scripts This share button is completely self-hosted by this webserver. No scripts from any of the social networks are embedded on this webserver. See also Social Share Button.

cold-boot-attack-defense-kexec-prepare[1384]: INFO: wiperamaction: poweroff
[   42.122900] cold-boot-attack-defense-kexec-prepare[1384]: kexec --load /boot//vmlinuz-5.10.0-21-amd64 --initrd=/boot//initrd.img-5.10.0-21-amd64 --reuse-cmdline --append=wiperamexit=yes wiperamaction=poweroff
[   42.628331] cold-boot-attack-defense-kexec-prepare[1384]: OK.
[   43.252013] dracut Warning: Killing all remaining processes
dracut Warning: Killing all remaining processes
[   43.343133] dracut Warning: Unmounted /oldroot.
[   43.356100] dracut INFO: wipe-ram.sh: wiperam=force detected, OK.
dracut INFO: wipe-ram.sh: wiperam=force detected, OK.
[   43.359471] dracut INFO: wipe-ram.sh: Cold boot attack defense... Starting first RAM wipe pass on shutdown... (1/2)
dracut INFO: wipe-ram.sh: Cold boot attack defense... Starting first RAM wipe pass on shutdown... (1/2)
Starting Wiping the memory, press Control-C to abort earlier. Help: "sdmem -h"
Wipe mode is insecure (one pass with 0x00)
**************************************************************************************************************************************************************************************************************************************************************************************************************************************************************************************************************************************************************************************************************************************************************************************************************************************************************************************************************************************************************************************************************************************************************************************************************************************************************************************************************************************************************************************************************************************************************************************************************************************************************************************************************************************************************************************************************************************************************************************************************************************************************************************************************************************************************************************************************************************************************************************************************************************************************************************************************************************************************************************************************************************************************************************************************************************************************************************************************************************************************************************************************************************************************************************************************************************************************************************************************************************************************************************************************************************************************************************************************************************************************************************************************************************************************************************************************************************************************************************************************************************************************************************************************************************************************************************************************************************************************************************************************************************************************************************************************************************************************************************************************************************************************************************************************************************************************************************************************************************************************************************************************************************************************************************************************************************************************************************************************************************************************************************************************************************************************************************************************************************************************************************************************************************************************************************************************************************************************************************************************************************************************************************************************************************************************************************************************************************************************************************************************************************************************************************************************************************************************************************************************************************************************************************************************************************************************************************************************************************************************************************************************************************************************************************************************************************************************************************************************************************************************************************************************************************************************************************************************************************************************************************************************************************************************************************************************************************************************************************************************************************************************************************************************************************************************************************************************************************************************************************************************************************************************************************************************************************************************************************************************************************************************************************************************************************************************************************************************************************************************************************************************************************************************************************************************************************************************************************************************************************************************************************************************************************************************************************************************************************************************************************************************************************************************************************************************************************************************************************************************************************************************************************************************************************************************************************************************************************************************************************************************************************************************************************************************************************************************************************************************************************************************************************************************************************************************************************************************************************************************************************************************************************************************************************************************************************************************************************************************************************************************************************[   45.821857] sdmem invoked oom-killer: gfp_mask=0x100dca(GFP_HIGHUSER_MOVABLE|__GFP_ZERO), order=0, oom_score_adj=0
[   45.823166] CPU: 2 PID: 1555 Comm: sdmem Tainted: G           OE     5.10.0-21-amd64 #1 Debian 5.10.162-1
[   45.832277] Hardware name: innotek GmbH VirtualBox/VirtualBox, BIOS VirtualBox 12/01/2006
[   45.833921] Call Trace:
[   45.834447]  dump_stack+0x6b/0x83
[   45.834947]  dump_header+0x4a/0x1f4
[   45.835366]  oom_kill_process.cold+0xb/0x10
[   45.836044]  out_of_memory+0x1bd/0x4e0
[   45.836555]  __alloc_pages_slowpath.constprop.0+0xbcc/0xc90
[   45.837541]  ? _raw_spin_unlock_irqrestore+0x11/0x20
[   45.838426]  __alloc_pages_nodemask+0x2de/0x310
[   45.839773]  alloc_pages_vma+0x80/0x270
[   45.840287]  handle_mm_fault+0xead/0x1c00
[   45.840895]  do_user_addr_fault+0x1b8/0x400
[   45.841461]  exc_page_fault+0x78/0x160
[   45.841958]  ? asm_exc_page_fault+0x8/0x30
[   45.842353]  asm_exc_page_fault+0x1e/0x30
[   45.842726] RIP: 0033:0x7283823800b3
[   45.843114] Code: 47 10 f3 0f 7f 44 17 e0 f3 0f 7f 47 20 f3 0f 7f 44 17 d0 f3 0f 7f 47 30 f3 0f 7f 44 17 c0 48 01 fa 48 83 e2 c0 48 39 d1 74 c0 <66> 0f 7f 01 66 0f 7f 41 10 66 0f 7f 41 20 66 0f 7f 41 30 48 83 c1
[   45.845266] RSP: 002b:00007ffee2e30728 EFLAGS: 00010206
[   45.845898] RAX: 000057d0fb8c74e0 RBX: 000057cfb761d280 RCX: 000057d0fb8d5000
[   45.846797] RDX: 000057d0fb8d74c0 RSI: 0000000000000000 RDI: 000057d0fb8c74e0
[   45.847665] RBP: 00007ffee2fe0938 R08: 000057d0fb8c74e0 R09: 00007283824aabe0
[   45.848535] R10: 000000000000007e R11: 0000000000000000 R12: 000057d0fb8b74d0
[   45.855760] R13: 0000000000000000 R14: 0000000000000008 R15: 0000000000000000
[   45.856702] Mem-Info:
[   45.857046] active_anon:721 inactive_anon:946309 isolated_anon:0
[   45.857046]  active_file:0 inactive_file:0 isolated_file:0
[   45.857046]  unevictable:0 dirty:0 writeback:0
[   45.857046]  slab_reclaimable:3024 slab_unreclaimable:6463
[   45.857046]  mapped:722 shmem:10150 pagetables:2600 bounce:0
[   45.857046]  free:21817 free_pcp:907 free_cma:0
[   45.860910] Node 0 active_anon:2884kB inactive_anon:3785236kB active_file:0kB inactive_file:0kB unevictable:0kB isolated(anon):0kB isolated(file):0kB mapped:2888kB dirty:0kB writeback:0kB shmem:40600kB shmem_thp: 0kB shmem_pmdmapped: 0kB anon_thp: 0kB writeback_tmp:0kB kernel_stack:1440kB all_unreclaimable? yes
[   45.864676] Node 0 DMA free:15396kB min:268kB low:332kB high:396kB reserved_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:15992kB managed:15908kB mlocked:0kB pagetables:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB
[   45.867903] lowmem_reserve[]: 0 3454 3894 3894 3894
[   45.868595] Node 0 DMA32 free:61244kB min:59696kB low:74620kB high:89544kB reserved_highatomic:0KB active_anon:160kB inactive_anon:3428080kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:3653568kB managed:3558516kB mlocked:0kB pagetables:0kB bounce:0kB free_pcp:3212kB local_pcp:328kB free_cma:0kB
[   45.871791] lowmem_reserve[]: 0 0 440 440 440
[   45.873020] Node 0 Normal free:10628kB min:11708kB low:13608kB high:15508kB reserved_highatomic:0KB active_anon:2724kB inactive_anon:356824kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:524288kB managed:451212kB mlocked:0kB pagetables:10400kB bounce:0kB free_pcp:416kB local_pcp:220kB free_cma:0kB
[   45.878204] lowmem_reserve[]: 0 0 0 0 0
[   45.879309] Node 0 DMA: 1*4kB (U) 0*8kB 0*16kB 1*32kB (U) 2*64kB (U) 1*128kB (U) 1*256kB (U) 1*512kB (U) 0*1024kB 1*2048kB (M) 3*4096kB (M) = 15396kB
[   45.882343] Node 0 DMA32: 359*4kB (UE) 329*8kB (UME) 206*16kB (UME) 83*32kB (UE) 35*64kB (UE) 5*128kB (UE) 5*256kB (UME) 4*512kB (E) 2*1024kB (UE) 1*2048kB (U) 10*4096kB (M) = 61284kB
[   45.885362] Node 0 Normal: 56*4kB (UME) 101*8kB (UME) 212*16kB (UME) 120*32kB (UME) 43*64kB (UME) 2*128kB (E) 0*256kB 0*512kB 0*1024kB 0*2048kB 0*4096kB = 11272kB
[   45.898876] 10150 total pagecache pages
[   45.900518] 0 pages in swap cache
[   45.901931] Swap cache stats: add 0, delete 0, find 0/0
[   45.903342] Free swap  = 0kB
[   45.904461] Total swap = 0kB
[   45.905653] 1048462 pages RAM
[   45.906944] 0 pages HighMem/MovableOnly
[   45.908826] 42053 pages reserved
[   45.909921] 0 pages hwpoisoned
[   45.911114] Out of memory: Killed process 1555 (sdmem) total-vm:5283280kB, anon-rss:3745880kB, file-rss:4kB, shmem-rss:1232kB, UID:0 pgtables:10376kB oom_score_adj:0
/usr/sbin/wipe-ram-shutdown-helper: line 23:  1555 Killed                  sdmem -l -l -v
[   46.386353] dracut INFO: wipe-ram.sh: First RAM wipe pass completed, OK. (1/2)
dracut INFO: wipe-ram.sh: First RAM wipe pass completed, OK. (1/2)
[   46.393183] dracut INFO: wipe-ram.sh: Checking if there are still mounted encrypted disks...
dracut INFO: wipe-ram.sh: Checking if there are still mounted encrypted disks...
[   46.399212] dracut INFO: wipe-ram.sh: Success, there are no more mounted encrypted disks, OK.
dracut INFO: wipe-ram.sh: Success, there are no more mounted encrypted disks, OK.
[   46.402562] dracut INFO: wipe-ram.sh: Now running 'kexec --exec'...
dracut INFO: wipe-ram.sh: Now running 'kexec --exec'...
[    1.666717] dracut-pre-udev[162]: INFO: wipe-ram-exit.sh: wiperamexit=yes kernel parameter detected, OK.
[    1.667591] dracut-pre-udev[162]: INFO: wipe-ram-exit.sh: Cold boot attack defense... Starting second RAM wipe pass on shutdown... (2/2)
[FAILED] Failed to start dracut pre-udev hook.
[    3.902631] dracut-pre-trigger[176]: INFO: wipe-ram-exit-needshutdown.sh: poweroff...
[    3.905037] dracut-pre-trigger[179]: Powering off.
[    3.906967] reboot: Power down

↑ Since ram-wipe is unavailable for initramfs the user needs to change dracut, the only supported initrd creator by ram-wipe.

[1] Since ram-wipe is unavailable for initramfs the user needs to change dracut, the only supported initrd creator by ram-wipe.

[1]

Ram-wipe

Contents

Navigation menu

Ram-wipe

Navigation menu

Search