Data is sensitive, and when you have data stored in files, having a secure way to delete if often a challenge. There could be situations where you want to give out your disk and ensure no one can probe the data on it.
In this tutorial, we learn about the shred command in Linux to securely delete data.
Shred Command
The shred command is a Linux program that lets users overwrite a file to ensure the file data can't be recovered. This makes it much harder for any external tool to recover the data.
In case someone gains access to your system, they can probe the deleted data using a data recovery tool and retrieve it. To avoid such a scenario, you must use the shred command.
How does the shred command work? Shred overwrites a file's data randomly and repeatedly. The shredded file can then be deleted from the file system using other commands like rm.
Syntax
shred [options] [filename]Shred vs rm
Shred and rm are used to remove a file from file systems. However, they have two main differences.
First, the rm command only deletes the pointer to a given file system, but that doesn't wipe the data from the disk. However, a shredded file has its data overwritten several times, making it unrecoverable.
The other difference is that the rm command is faster at deleting files, as only the pointer gets removed. However, shredding takes time as the data in the file has to be randomly overwritten before you optionally delete the file.
Shred Examples
Let's check some of the useful shred command examples. As these commands destroy the data, make sure to back up your files or disk.
Example 1: Overwrite the contents of the file
When the shred command run without any options it overwrites the file with random data by 3 passes. You may add -v option for verbosity.
shred file1.txt
You can use cat command to confirm the file contents and then delete the file using rm.
Example 2: Wipe Hard Disk or Partition
When disposing of a hard disk, for the safe side you can securely erase the contents. Use the following shred command to wipe your drive:
sudo shred -vfz /dev/sdaThe -v option represents verbose.
The -f implies the shred will forcefully overwrite the file, even if it means changing the file permissions to allow writing.
The -z option allows overwriting the file with zeros to hide shredding from file systems.
Note: For SSD disks it's not recommended to use the shred command, instead use hdparm command to issue a Secure Erase.
Example 3: Overwrite and delete a file
When shredding a file, you also want to delete it to create space on your file systems. In that case, use the -u option to overwrite and remove file.
shred -uzv file1.txt
The -u option by default overwrites 4 times unless the -n option is specified. The -z option adds a final overwrite with zeros to hide shredding. Finally, the file is removed from the filesystem.
Example 4: Overwrite only specific bytes
You can specify the specific bytes to shred by using the -s option by adding the number of bytes.
The following command shreds 20 bytes from the file named file2.txt.
shred -s 20 file2.txt
Example 5: Change the number of times overwritten
By default, the shred command overwrites a file through three passes. You can specify the number of passes using the -n option.
The following command overwrites the file through 5 passes in verbose mode:
shred -vn 5 file2.txt
Example 6: Shred Complete Directory
In the case of a directory, you can shred its contents recursively. To do so, use the find command to locate it, then execute the shred command with any option.
For example, the following command finds a directory named linux1, then recursively shreds all files it contains.
find ./Desktop/linux1/ -type f -exec shred {} -v \;
Example 7: Verbose mode
When shredding a file, you may display the shred output by adding the -v option.
For instance, let's shred a file named file2.txt in verbose mode, as follows:
shred -v file2.txt
This gives more visibility into what the command actually does.
Linux Shred Options
Some of the useful shred command options are:
| Options | Description |
|---|---|
| -v | Activate the verbose mode |
| -n | Specify the number of times to overwrite data |
| -u | Shred and remove a file |
| -s | Specify the shred size. |
| -z | Hide shredding by adding zeros to final overwrite |
| -f | Used to allow overwriting of files by changing the file permissions |
| –version | It displays the shred version |
| –help | It opens the help page for the shred command |
File systems which shred not effective
As per man pages, the following file systems on which shred is not guaranteed to be effective in all file system modes:
- log-structured or journaled file systems, such as those supplied with AIX and Solaris (and JFS, ReiserFS, XFS, Ext3, etc.)
- file systems that write redundant data and carry on even if some writes fail, such as RAID-based file systems
- file systems that make snapshots, such as Network Appliance's NFS server
- file systems that cache in temporary locations, such as NFS version 3 clients
- compressed file systems
Conclusion
We have seen, shred is a much safer way to delete files than the rm command.
Thanks for reading so far, please leave your suggestions and feedback in the comment section.
Navigate all-in-one place of Linux Commands for more learning.
About The Author
Bobbin Zachariah
Bobbin Zachariah is an experienced Linux engineer who has been supporting infrastructure for many companies. He specializes in Shell scripting, AWS Cloud, JavaScript, and Nodejs. He has qualified Master's degree in computer science. He holds Red Hat Certified Engineer (RHCE) certification.
I used the shred command to wipe my hard drive on my Linux mint system. The problem is, now I can’t reinstall a new version of Linux or use the hard drive at all.
All I get is a message saying “invalid partition table”. I can get to the bios setup, and try numerous methods and settings, but nothing works. It appears the hard drive is toast now.
Hi Norman,
If its already on UEFI still not working.
Use live USB and then run boot repair.
Verify UEFI partition already exists, if not need to create