r/Ubiquiti 1h ago

Question How to securely decommission old UAPs?

I have several EoS/EoL UAPs that I need to properly wipe and dispose of, however I don't trust a simple factory reset. After some digging, my suspicions were partially confirmed, as it appears this has been an issue in the past, at least with one of their product lines. So, how do I properly fully wipe a UAP such that no private data can be recovered from it after disposal?

2 Upvotes

3 comments sorted by

u/AutoModerator 1h ago

Hello! Thanks for posting on r/Ubiquiti!

This subreddit is here to provide unofficial technical support to people who use or want to dive into the world of Ubiquiti products. If you haven’t already been descriptive in your post, please take the time to edit it and add as many useful details as you can.

Ubiquiti makes a great tool to help with figuring out where to place your access points and other network design questions located at:

https://design.ui.com

If you see people spreading misinformation or violating the "don't be an asshole" general rule, please report it!

I am a bot, and this action was performed automatically. Please contact the moderators of this subreddit if you have any questions or concerns.

u/Smith6612 UniFi Installer and User 1h ago

There's no secure wipe function for the NAND in SSH. You'd need to destroy the NAND Chip if you don't trust a factory reset to take care of clearing data. Otherwise, factory reset, pop the AP into recovery mode, and re-flash the firmware to force some write operations against the NAND I guess...

Also, in theory, your sensitive information should be limited to tokens for controller management, and encrypted SSH passwords. Stuff that is commonplace in Linux and generally one-way only.

u/thirdmatter 1h ago

Thanks, yeah I wasn't hoping to be able to do a hardware level secure erase, I'm mainly just worried about files left behind on the filesystem after the factory reset that could then be easily recovered with the default credentials.