Delete files securely with shred

Deleting a file is a pretty simple task, right? Whether you're in a GUI or on the command line, it's really simple to delete a file. Once you've deleted it, it's gone. Except - no it's not.

When you delete a file, you just remove its index entry from your filesystem. You won't immediately be able to find it, but the data is still there and could potentially still be recovered. If you have sensitive data stored on your hard drive, you might want to ensure that certain information is deleted permanently and make it extremely difficult to recover.

Thankfully, most Linux distributions (and possibly some other Unix systems too) include a program called shred, which overwrites the file with random data before removing it from the index. This means that it becomes very difficult, if not impossible, to recover the file.

By default, the shred command only does the overwrite and doesn't unlink the file (that is, remove it from the index). The idea is that you can use it on whole partitions or drives, where you don't want to delete the device node.

To shred and then unlink a file, use shred as follows:

$ shred -u somefile

If you want to erase an entire hard drive or other device, don't pass in -u, or you will end up deleting the device node too.

# shred /dev/sda1

In the above example, we shred the contents of the first partition on drive sda.

There are some more advanced options you can pass, however. Firstly, if you want an extra level of paranoia, you can change the number of times the file or device is overwritten with random data (the default is 25 times over). For example, if you want 50 times over:

$ shred -n 50 -u somefile

Finally, you can also specify a final overwrite with all zeroes, which apparently is meant to disguise the fact you've been shredding data. This is done with the -z switch.

$ shred -z -u somefile

Of course, you can combine all of these options like so:

$ shred -z -u -n 250 veryimportanttodeletefile

Just make sure you're deleting the right thing before you hit enter, because once you do, there's no going back!
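
The precautions above (-u only for regular files, never for a device node, and checking the target before anything is overwritten) can be wrapped in a few shell functions. This is an added example, not part of the original article; the function names target_kind, overwrite_only, is_zeroed and shred_files are hypothetical, and it assumes shred is on the PATH.

```shell
#!/bin/sh
# Added example: guarded shred helpers (function names are hypothetical).
# Usage: shred_files notes.txt old-key.pem

# Classify a path so that -u is never applied to a device node.
target_kind() {
    if [ -b "$1" ] || [ -c "$1" ]; then
        echo device
    elif [ -f "$1" ] && [ ! -L "$1" ]; then
        echo file
    else
        echo other    # directory, symlink, missing path, ...
    fi
}

# Overwrite in place, ending with a pass of zeroes; the file stays listed.
overwrite_only() {
    [ "$(target_kind "$1")" = file ] || return 1
    shred -z -- "$1"
}

# True when the file holds nothing but zero bytes (what -z leaves behind).
is_zeroed() {
    n=$(tr -d '\000' < "$1" | wc -c)
    [ "$((n))" -eq 0 ]
}

# Overwrite and unlink. Every argument is checked before any file is touched,
# so a list that includes a directory, symlink or device aborts the whole run.
shred_files() {
    [ "$#" -gt 0 ] || return 2
    for path in "$@"; do
        kind=$(target_kind "$path")
        if [ "$kind" != file ]; then
            echo "refusing '$path' ($kind): nothing shredded" >&2
            return 1
        fi
    done
    shred -z -u -- "$@"
}
```

The all-or-nothing check only catches argument lists that contain something other than a regular file; a glob that expands to regular files alone is still shredded in full.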

Peter Upfold - http://peter.upfold.org.uk/

Peter Upfold is a technology enthusiast from the UK. Peter’s interest in Linux stems back to 2003, when curiosity got the better of him and he began using SUSE 9.0. Now he runs Linux Mint 9 on the desktop, runs a CentOS-based web server from home for his personal website and dabbles in all sorts of technology things across the Windows, Mac and open source worlds.

Discussion: Delete files securely with shred

  1. Mike (guest)

    # Posted on 17 September 2007 at 11:14 AM

    Looking at the man page, it seems that shred is not useful on any of the popular modern filesystems including ext3? Any workaround?



  2. kern (guest)

    # Posted on 25 September 2007 at 01:50 AM

    shred will erase the file(s) as they stand and to most non-hacker types, it's fairly much unrecoverable. Data carving may reveal traces left around the filesystem though.

    Just a side note, you can combine the operators with one instance of " - ", i.e. shred -vuzn 33 test.txt. And NEVER use shred with the * file operator. Simple typo, disastrous result. Compare (do not run this) shred -vuzn test* with shred -vuzn test * in your home/root directory.

    Secure Workaround: (Not for novices - if you make mistakes you can lose everything)

    You need also to wipe swap space, and empty space. Check a program called securedelete from freeworld.thc.org. Read the instructions very carefully before you install and use (as root), and check the program file "the_cleaner" to set your own preferences. Then run it to do all 3 jobs together. If it won't run, check where you installed, and add it to the PATH or create links in /usr/bin. If you have a modern large drive, there's no need to set it to 38 passes. It would take forever and isn't necessary.

    hth
    Kern

    Just to mention again: you could lose everything if you screw up with shred/etc.



  4. # Posted on 27 September 2007 at 10:30 AM

    [...] off the hard drive. With only seven steps, it’s as intense as some other online tutorials. This post at FOSSwire describes a resident program in most Linux and some UNIX distributions called shred. Again, it doesn’t [...]



  6. Tony (guest)

    # Posted on 01 December 2008 at 07:29 PM

    I have a SAN system that uses standard SATA drives, so I purchased multiple drives for the unit and installed them myself. The problem is that it somehow formats the disk to spin backwards. I no longer need that SAN and want to migrate the disks over to my new one. I have no data stored on the disk currently, but the new SAN spins the disk in the standard direction. Do you know if the "shred" command will wipe out the boot sector (or whatever part of the disk that tells it what direction to spin)? If it does not, do you know how I could fix this issue?


