If I understand your question correctly, you trying to ensure that the
encryption key for your existing OpenBSD installation is specifically
destroyed before re-using the disk, to protect against the possibility
that
somebody with access to the disk could use that key to decrypt the
softraid
crypto partition before the encrypted data has been overwritten simply
due to
regular usage of the disk after re-installation.
There is no specific tool in the OpenBSD base system to do this.
However the key material for an OpenBSD softraid cypto partition is
stored
along with the other softraid metadata at the beginning of the
partition, so
it can quickly and easily be overwritten using dd to write random data
to the
first megabyte or so.
This is what I was looking for. You understood my question perfectly.
I just have to know how to overwrite softraid metadata of my partition
because
it's not a the begining of the drive so I guess it's not the first
megabyte.
Thanks.
--
kz
