Saturday, October 20, 2007

Shred it!




Have a top-secret file that you want to delete? A file that you don't want to recover by you or anyone else?

Use the shred command:
#shred

By default, the shred overwrites the target file 25 times. But, it does not delete the file per se.

I usually want to overwrite AND delete it.

#shred -uvz -n 50 topsecret.txt

The -u flag will actually remove the file after overwriting it.
The -n specifies the number of overwriting passes: 50 in this example.
The -z flag will add a pass at the end to zero out the data.

Add in a -v (verbose) flag to see the shredding in action.

Disclaimer: Please read the man page of the shred command. Shred is not effective against certain types of file systems, journaling file systems being the notable example. Shred is NOT effective for ext3, (the default file system for most modern Linux distributions), if your ext3 partition is mounted in data=journal mode. In the journal mode, file data in addition to just metadata are stored in the journal. According to the man page, shred works as usual in both the data=ordered (default) and data=writeback modes.

If you are not sure about the data mode for your ext3 partitions, display /etc/fstab and look for data= for your ext3 partitions.
$more /etc/fstab

4 comments:

Anonymous said...

It doesn't work on file systems - XFS, Reiser JFS and RAID.. :-(

Arky said...

wipe is another way to secure way to delete content off the disk.

Russell Richardson said...

Im using linux on a virtual machine at home would this command still work on a virtual hard drive cause i have read some people have issues with Vmware

BandMsecureshreddingmanchester said...

Not sure this would work on every file