comp.org.uk


shred: Securely delete files using shred

When it comes to the destruction of data, one tool stands out from the crowd on Linux systems: shred. This little binary lets you overwrite files if you need to hide their contents. Using shred, you can “just delete” files or, if necessary, overwrite a file repeatedly to help hide its contents from even professional, mission-impossible hardware.

Note, as stated in the manual for the shred utility, that only certain filesystems are compatible with its modus operandi. It requires a filesystem that overwrites the data “in place” to work effectively. As stated in the manual, shred won’t work as effectively on the following types of filesystems:

The long and short of it is that you can be pretty certain on filesystems other than those types listed that the shred utility has done its job admirably.

Installing shred

Let’s look at some of the options the shred utility provides. The shred utility is part of the coreutils package, which should almost always be installed. If for some reason you can’t run shred on Debian derivatives, install it using this command:

apt-get install coreutils

On Fedora and RHEL et al., you can try this:

yum install coreutils

I’m sure you get the idea. Incidentally, it would be highly unusual not to have coreutils installed, because all your basic file, text, and shell utilities come with it. It’s where ls and rm come from, for example.

Getting Started with shred

To get started, if you wanted to wipe an entire disk partition, you could begin as follows. This example targets the partition called sda3.

shred -vfz -n 25 /dev/sda3

Here’s how this command breaks down:

This action also applies to RAID partitions. And, with the simplest of adjustments, if you wanted to wipe an entire drive then you’d just drop the partition number off the end. Very carefully try something along the following lines on a test box, with fewer overwrites for a big disk:

shred -vfz -n 5 /dev/sdc

If privacy is your greatest concern, you can simply increase the overwrite settings.

There’s also another nice feature available in the shred utility. It lets you throw a file full of random data into the mix. You can achieve this by using the switch --random-source=FILENAME, where FILENAME refers to the name of your data file.
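The following is an added example, not part of the original article: it runs shred with the -f, -z, -n and --random-source options against a scratch file and checks that the original contents are gone. The helper names, the marker string and the use of /dev/urandom as the random source are assumptions made for the illustration.

```shell
#!/bin/sh
# Added example: run shred against a scratch file, never a real device.
MARKER="CONSTRUCTED-SECRET-0123456789"   # constructed sample data

# make_sample FILE: fill FILE with 2048 lines of the marker string.
make_sample() {
    : > "$1"
    i=0
    while [ "$i" -lt 2048 ]; do
        printf '%s\n' "$MARKER" >> "$1"
        i=$((i + 1))
    done
}

# count_marker FILE: print the number of lines that still hold the marker.
count_marker() {
    grep -a -c -F -- "$MARKER" "$1" || true
}

# nonzero_bytes FILE: print how many bytes in FILE are not NUL.
nonzero_bytes() {
    tr -d '\000' < "$1" | wc -c | tr -d ' '
}

# shred_file FILE PASSES [RANDOM_SOURCE]: overwrite FILE in place.
#   -f  change permissions if needed to allow writing
#   -z  add a final pass of zeros
#   -n  number of overwrite passes
shred_file() {
    if [ -n "${3:-}" ]; then
        shred -f -z -n "$2" --random-source="$3" "$1"
    else
        shred -f -z -n "$2" "$1"
    fi
}

# demo: show the marker count before and after shredding a temp file.
demo() {
    f=$(mktemp) || return 1
    make_sample "$f"
    echo "before: $(count_marker "$f") marker lines"
    shred_file "$f" 3 /dev/urandom
    echo "after:  $(count_marker "$f") marker lines, $(nonzero_bytes "$f") non-zero bytes"
    rm -f "$f"
}

demo
```

A clean result here only shows what the filesystem returns when the file is read back; on a filesystem that does not overwrite data in place, the old blocks can still exist elsewhere on the device.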


Published on Wed 08 February 2006 by Fiona Mogg in Linux with tag(s): shred linux