3 Best Ways to Securely Wipe Disk in Linux Using Command Line

This article shows you the three best ways to completely erase data from your disk using the dd, shred, and wipe commands.

Sometimes we have to erase all the information from our disk in a way that ensures it is impossible to recover. The most typical reason for completely and irreversibly deleting a device is when, for example, it is to be given away or sold.

Many users probably believe that deleting their data using the file manager or the rm command ensures security. The truth, however, is slightly different.

Deleting files with the rm command or a file manager only removes the filesystem's pointer to the data, so the original data is still on the disk. As a result, with a high probability, a considerable portion of this data can be recovered using specific techniques.

However, wiping the disk with one of the following commands, shred, dd, or wipe, assures that the information you erased is unrecoverable. So, let us show you how to do it.

Erasing Disk Using shred Command

We start with the shred command because it is one of the best ways to protect your private data on a Linux system.

The command helps in overwriting the data several times, such that it can only be recovered with extreme difficulty, if at all, using specialized hardware. That is why it is frequently used to erase data securely.

Because shred is part of the coreutils package in Linux, you most likely have the command available by default on your system. It uses three passes by default, writing pseudo-random data to the device during each run.

For example, if you want to erase a device that is present as /dev/sdb on your Linux system, the command would be as follows:

sudo shred -v /dev/sdb

We’ve included the -v (--verbose) option to see the disk wipe operation in detail.

However, completing these three consecutive passes takes a long time. Fortunately, we can tell shred to perform only one pass using the -n (--iterations=) option.

sudo shred -v -n 1 /dev/sdb

Of course, we can improve the reliability of wiping data from disk by adding a few more options to the shred command.

First, we’ll specify that the disk is overwritten with randomly generated data by using the --random-source=/dev/urandom option. Linux’s special file /dev/urandom provides an interface to the kernel’s random number generator.

Finally, we’ll use the -z (--zero) option to add a final pass that overwrites everything with zeros.

sudo shred -v -n 1 --random-source=/dev/urandom -z /dev/sdb

Once the disk has been erased in this manner, we can be highly confident that restoring the data previously saved on it is virtually impossible.

Erasing Disk Using wipe Command

You can completely erase data from your disk with the wipe command. As the name suggests, the command is used to wipe data from a disk.

The wipe command rewrites the sector and flushes the cache, making data recovery impossible or extremely difficult.

However, on most Linux systems, the wipe command is not installed by default, so you will first need to install it using your package manager, such as APT, DNF, Pacman, etc. Search for a package named wipe and install it.

After that, using the wipe command is relatively straightforward. Just run it, followed by the path to the disk.

sudo wipe /dev/sdb

Erasing Disk Using dd Command

The dd command is another frequently used method for erasing a disk in Linux. Although the command is not explicitly meant to erase data from disk, like shred and wipe are, it is a widely used approach among Linux users.

For example, run the following command to securely and reliably erase all available information from a disk presented as a /dev/sdb device on your Linux system:

sudo dd if=/dev/urandom of=/dev/sdb bs=512 status=progress

The wiping process is successfully finished when dd reports “No space left on device” and returns control.


Let’s break down the syntax:

  • if – The input file; we’ve used /dev/urandom to produce random data.
  • of – The output file; in this case, our disk.
  • bs – The block size (in bytes).

Note that the block size significantly affects how quickly the operation completes. For example, the process may take days to complete if you choose the default block size value of 512 bytes and erase a multi-terabyte disk.

Therefore, we recommend using a bigger block size when erasing the disk with the dd command, such as bs=4096 (4 KiB). This will significantly accelerate the process.

sudo dd if=/dev/urandom of=/dev/sdb bs=4096 status=progress
Erasing disk in Linux using dd command

As can be seen, the operation here takes only 29 seconds, which is seven times faster than the 210 seconds required for an equivalent execution with a block size of 512.

In addition, similar to the above approach, the command below will overwrite the entire disk with strings of zeros rather than producing random data.

sudo dd if=/dev/zero of=/dev/sdb bs=4096 status=progress

However, if security is your top priority, /dev/urandom is the more reliable choice.
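
Added example, not part of the original article: after a zero pass (the dd if=/dev/zero command above, or shred's -z option), reading the target back confirms that only zero bytes remain. The function names are hypothetical, and the script assumes GNU dd and coreutils.

```bash
#!/usr/bin/env bash
# Added example: verify a zero-fill wipe by reading the target back.
# Only valid after a zero pass; a /dev/urandom pass cannot be checked this way.

# Print the size of TARGET in bytes (block device or, for a dry run, a file).
target_size() {
    if [ -b "$1" ]; then
        blockdev --getsize64 "$1"
    else
        wc -c < "$1" | tr -d ' '
    fi
}

# Return 0 if every byte of TARGET is zero, 1 if any data survived.
is_zeroed() {
    local nonzero
    # tr deletes NUL bytes; any byte that gets through is leftover data.
    nonzero=$(tr -d '\000' < "$1" | head -c 1 | wc -c)
    [ "$nonzero" -eq 0 ]
}

# Zero-fill TARGET as the article's dd command does, then verify the result.
zero_and_verify() {
    local target=$1 size
    size=$(target_size "$target") || return 2
    # count_bytes (GNU dd) stops the write exactly at the end of the target;
    # conv=fsync flushes to the device before the read-back.
    dd if=/dev/zero of="$target" bs=4096 count="$size" iflag=count_bytes \
       conv=notrunc,fsync status=none || return 2
    is_zeroed "$target"
}

# Dry run on a constructed 1 MiB image file standing in for /dev/sdb.
demo() {
    local img rc=0
    img=$(mktemp) || return 2
    head -c 1048576 /dev/urandom > "$img"
    zero_and_verify "$img" || rc=$?
    rm -f "$img"
    return "$rc"
}

demo && echo "image verified: all zeros"
```

On a real disk, zero_and_verify takes the device path (such as /dev/sdb) and must run as root.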

Conclusion

This guide shows you how to securely and reliably delete data from your hard disk using three basic Linux tools: shred, wipe, and dd. Whichever method you choose, you can be sure that the information you remove will be nearly impossible to recover.

However, we recommend using the shred command as your first choice for safe disk wiping under Linux.

We hope you found this guide helpful. We’d appreciate it if you could share your preferred approach to disk wiping in Linux in the comments below.

Bobby Borisov

Bobby, an editor-in-chief at Linuxiac, is a Linux professional with over 20 years of experience. With a strong focus on Linux and open-source software, he has worked as a Senior Linux System Administrator, Software Developer, and DevOps Engineer for small and large multinational companies.

4 Comments

  1. The DBAN live ISO has all that’s needed to erase a disk or files too.
    Interesting project, but unfortunately it has forked as Blancco (non-free), which is the same but with more functionalities.

    • Amen, I have seen too many people wipe the wrong disk with the command line, and then go to a forum for help. Even with DBAN, check, then check again, then check again, and then be sure before you hit wipe.

  2. While those methods are probably good enough, I opt for using ‘Secure Erase’ (which basically tells the hard drive itself to wipe the drive, which temporarily requires unfreezing (‘not frozen’) the HDD with hdparm before you can proceed, etc.) when I want to properly wipe a hard drive. This is not as beginner friendly though.

    But I imagine for general wiping of random data files here and there (on a regular hard drive (not an SSD)), the ‘shred’ command is sufficient, like for example: “shred -n 0 -uvz NameOfFile.iso”

    P.S. As I am sure some around here know, don’t use ‘shred’ etc. on an SSD, as a ‘secure erase’ (which finishes in a few seconds or so on an SSD) is best for that, since I think it essentially erases an encryption key internal to the drive, at which point the data is basically deleted: while it did not overwrite anything, the data is encrypted on the drive and there is no way to read it without that key, I think is the general idea. That’s why ‘Secure Erase’ only takes maybe a few seconds on an SSD, whereas on a regular hard drive it has to overwrite everything on the drive and can take hours on a larger hard drive.
