Delete files securely with shred

  • September 17, 2007
  • Peter Upfold

Deleting a file is a pretty simple task, right? Whether you're in a GUI or on the command line, it's really simple to delete a file. Once you've deleted it, it's gone. Except - no it's not.

When you delete a file, you just remove its index entry from your filesystem. You won't immediately be able to find it, but the data is still there and could potentially still be recovered. If you have sensitive data stored on your hard drive, you might want to ensure that certain information is deleted permanently and make it extremely difficult to recover.

Thankfully, most Linux distributions (and possibly some other Unix systems too) include a program called shred, which overwrites the file with random data before removing it from the index. This means that it becomes very difficult, if not impossible, to recover the file.

By default, the shred command only does the overwrite and doesn't unlink the file (that is, remove it from the index). This is so that you can use it on whole partitions or drives, where you don't want to delete the device node.

To shred and then unlink a file, use shred as follows:

$ shred -u somefile

If you want to erase an entire hard drive or other device, don't pass in -u, or you will end up deleting the device node too.

# shred /dev/sda1

In the above example, we shred the contents of the first partition on drive sda.

There are some more advanced options you can pass, however. Firstly, if you want an extra step of paranoia, you can change the number of times the file or device will be overwritten with random data (the default is 25 times over). For example, if you want 50 times over:

$ shred -n 50 -u somefile

Finally, you can also specify a final overwrite with all zeroes, which apparently is meant to disguise the fact that you've been shredding data. This is available through the -z switch.

$ shred -z -u somefile

Of course, you can combine all of these options like so:

$ shred -z -u -n 250 veryimportanttodeletefile

Just make sure you're deleting the right thing before you hit enter, because once you do, there's no going back!
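
The following script is an added example, not part of the original article: it chooses between shred and shred -u based on the type of the target, as described above, and checks on a throwaway file that plain shred overwrites the contents but leaves the name in place. The function names and the marker string are made up for illustration; it assumes GNU shred, grep and mktemp are installed.

```shell
#!/bin/sh
# Added example; function names and the marker string are constructed.

# Decide how a target should be shredded, following the article's rule:
# unlink regular files (-u), but never unlink a device node.
shred_mode() {
    if [ -L "$1" ]; then
        echo refuse          # symlink: resolve to the real file first
    elif [ -b "$1" ] || [ -c "$1" ]; then
        echo keep            # device node: overwrite only
    elif [ -f "$1" ]; then
        echo unlink          # regular file: overwrite, then remove
    else
        echo refuse          # directory, FIFO, missing path, ...
    fi
}

careful_shred() {
    case "$(shred_mode "$1")" in
        unlink) shred -u -- "$1" ;;
        keep)   shred -- "$1" ;;
        *)      echo "refusing to shred: $1" >&2; return 1 ;;
    esac
}

# Self-check on a throwaway file: plain shred overwrites but leaves the
# name in place; careful_shred then removes it.
demo() {
    f=$(mktemp) || return 1
    printf 'CONSTRUCTED-SECRET-MARKER\n' > "$f"
    shred -- "$f" || return 1                         # default: no unlink
    [ -e "$f" ] || return 1                           # name still exists
    if grep -q 'CONSTRUCTED-SECRET-MARKER' "$f"; then # old content gone?
        rm -f "$f"; return 1
    fi
    careful_shred "$f" || return 1
    [ ! -e "$f" ]                                     # now unlinked
}
```

Call demo after sourcing the script; it returns 0 only if every check passed.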
