Delete files securely with shred

Deleting a file or reformatting a disk does not destroy your sensitive data. The data can easily be undeleted. That’s a good thing if you accidentally delete a file, but what if you are trying to destroy secure data?

To make sure the data is unrecoverable by anyone, it needs to be overwritten.

The shred command lets you delete files or entire hard drives permanently by overwriting the data with random bits many times (25 by default). This totally destroys the original data and makes it almost impossible to recover.

Using shred

For shredding files you can run shred like this:

shred -z -u -n200 /home/secure_data/*

-z means overwrite with zeros on the final pass, to mask the shred process
-u means delete the file when you’re done overwriting
-n200 means overwrite 200 times
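
One way to check that shred really overwrote a file before removing it, as an added example that is not part of the original post. The marker string, the temporary file and the low pass count (-n 3, chosen to keep the run short) are constructed for the demonstration, and the check only looks at the file's own contents, not at copies a file system may keep elsewhere.

```shell
#!/bin/sh
# Added example: confirm that shred overwrote a file, then remove it.
# MARKER and the temp-file contents are constructed sample data.
MARKER="CONSTRUCTED-SECRET-4f1c"

# count_nonzero FILE: print how many bytes in FILE are not NUL (0x00).
count_nonzero() {
    tr -d '\000' < "$1" | wc -c | tr -d ' '
}

# shred_and_verify: return 0 only if overwrite and removal both check out.
shred_and_verify() {
    dir=$(mktemp -d) || return 1
    f="$dir/secret.txt"
    printf 'account=demo\npassword=%s\n' "$MARKER" > "$f"

    # Sanity check: the marker is readable before shredding.
    grep -q "$MARKER" "$f" || { rm -rf "$dir"; return 1; }

    # Overwrite only (no -u yet) so the result can still be inspected.
    # -z makes the final pass all zeros, which is what we test for below.
    shred -z -n 3 "$f" || { rm -rf "$dir"; return 1; }

    rc=0
    grep -a -q "$MARKER" "$f" && rc=1          # marker must be gone
    [ "$(count_nonzero "$f")" -eq 0 ] || rc=1  # only zero bytes remain

    # Now let shred unlink the file, as -u does in the command above.
    shred -u -n 1 "$f" || rc=1
    [ ! -e "$f" ] || rc=1

    rmdir "$dir" 2>/dev/null || rc=1
    return $rc
}

if shred_and_verify; then
    echo "overwrite verified, file removed"
else
    echo "verification FAILED"
fi
```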

Shred drives

* Overwriting 200 times might take too long when overwriting an entire drive, so let’s overwrite it 5 or 10 times.
* The device itself can’t be deleted, so the -u option has to go.
* We need to replace /home/secure_data/* with your device name.

So now the command could look something like this:

shred -zn10 /dev/hda

This will totally erase everything on your hard drive. It’s best to do this from a Live CD. Otherwise, during the first pass, the running system will start missing essential system files, and you don’t want it to crash before all the data has been destroyed.

Shred works best on an entire disk, because journaling file systems store duplicate bytes in other places on the disk, and shredding a single file does not overwrite those copies.
