Shred a single file
Securely delete a file called /home/vivek/login.txt:$ shred -u ~/login.txt
You can add a final overwrite with zeros to hide shredding:$ shred -u -x ~/login.txt
Where,
- -u : Remove file after overwriting
- -x : Add a zero to hide shredding
- -n NUM : Overwrite NUM times instead of the default 25
Shred a multiple files
Let us say you have 100 subdirectories and just wanted to get rid of all files:$ find -t f . -exec shred -u '{}' ;
If you have many files consider a running job in background using nohup – (execute commands after you exit from a shell prompt over ssh session):$ nohup find -t f /var/www/ -exec shred -n30 -u '{}' ; &
Shred drawbacks
- Shred doesn’t go well with log-structured or journaled file systems, such as JFS, ReiserFS, XFS, Ext3, etc.
- Compressed file systems
- RAID-based file systems
- NETApps (Network Appliance’s) NFS server
So how do I wipe on journaling file systems?
There is no simple solution. I’ve tried different techniques.
You can store sensitive data on ext2 or fat32 file system and easily delete files. According to shred man page:
In the case of ext3 file systems, the above disclaimer applies (and shred is thus of limited effectiveness) only in data=journal mode, which journals file data in addition to just metadata. In both the data=ordered (default) and data=writeback modes, shred works as usual. Ext3 journaling modes can be changed by adding the data=something option to the mount options for a particular file system in the /etc/fstab file, as documented in the mount man page (man mount).
Someone suggested to use disk encryption to store data that needs to be wiped.
Run shred on entire partition:# shred -n 30 -vz /dev/hdb2
On remote computer, use nohup:# nohup shred -n 30 -vz /dev/sdb1 &
Output:
shred: /dev/sdb1: pass 1/26 (random)...
shred: /dev/sdb1: pass 1/26 (random)...1013MiB/234GiB 0%
shred: /dev/sdb1: pass 1/26 (random)...1014MiB/234GiB 0%
shred: /dev/sdb1: pass 1/26 (random)...1.9GiB/234GiB 0%
shred: /dev/sdb1: pass 1/26 (random)...2.0GiB/234GiB 0%
shred: /dev/sdb1: pass 1/26 (random)...3.0GiB/234GiB 1%
shred: /dev/sdb1: pass 1/26 (random)...3.1GiB/234GiB 1%
shred: /dev/sdb1: pass 1/26 (random)...4.0GiB/234GiB 1%
shred: /dev/sdb1: pass 1/26 (random)...4.1GiB/234GiB 1%
shred: /dev/sdb1: pass 1/26 (random)...5.0GiB/234GiB 2%
shred: /dev/sdb1: pass 1/26 (random)...5.1GiB/234GiB 2%
shred: /dev/sdb1: pass 1/26 (random)...6.1GiB/234GiB 2%
......
..
...
And finally you can always destroy hard disk physically, perhaps through a hard drive in hot melting metal. If you just need to securely wipes the hard disks use dban – Derik’s Boot and Nuke.