71
E-Business Server
™
8.6
Product Guide
Advanced Topics
Wiping your disk
ebs --encrypt --text <plaintext_filename> --user <recipient’s_userID>
E-Business Server includes an environment variable that corresponds to the
--text
option,
TEXTMODE
. If you
consistently receive plaintext files rather than binary data, set
TEXTMODE=on
in the E-Business Server
configuration file. For more information on setting configuration parameters, see
Using the Configuration File
on page 86
.
Wiping your disk
After E-Business Server produces a ciphertext file for you, you can request E-Business Server to
automatically overwrite and delete the plaintext file, leaving no trace of plaintext on the disk. Use the
--wipe
option when a plaintext file contains sensitive information; it prevents someone from recovering the file with
a disk block scanning utility.
ebs --encrypt --wipe <plaintext_filename> --user <recipient’s_userID>
For example:
ebs --encrypt --wipe confidential.txt mjohnson
This instructs E-Business Server to create a ciphertext file
confidential.pgp
and to destroy the plaintext file
confidential.txt
.
Note that this option will not wipe out any fragments of plaintext that your word processor might have
created on the disk while you were editing the message before running E-Business Server. Most word
processors create backup files, scratch files, or both.
By default, E-Business Server overwrites the file three times. If you want to specify the number of times
E-Business Server overwrites the file, and not use the default, add the
--wipe-passes
modifier as shown
below.
ebs --encrypt --wipe <plaintext_filename> --user <recipient’s_userID> --wipe-passes <number of times>
You can also set the
WIPE-PASSES
parameter in the E-Business Server configuration file. For more information,
see
WIPE-PASSES
on page 110
.
Wiping a sensitive data file
To wipe the contents of a data file without encrypting it, use the
--wipe
option.
By default, E-Business Server overwrites the file three times. If you want to specify the number of times
E-Business Server overwrites the file, and not use the default, add the
--wipe-passes
modifier as shown
below.
ebs --wipe <filename1> <filename2> <filename3>... [--wipe-passes <number of times>]
Wiping your smart card
Note:
The smart card must be in your smart card reader.
Before you can wipe your smart card, you must specify the smart card type using the
SMARTCARD-TYPE
parameter in the E-Business Server configuration file or by setting it on the command line using
--smartcard-type.
For more information, see
SMARTCARD-TYPE
on page 105
.
If you are using a smart card other than one that we have listed as being supported, then you must set the
SMARTCARD-TYPE
to
other
, as well as specify the path to the DLL to use with it by setting the
SMARTCARD-DLL
parameter. You can also set this on the command line using
--smartcard-dll
. For more information on
specifying the DLL, see
SMARTCARD-DLL
on page 105
.