This article shows you the three best ways to completely erase data from your disk using the dd, shred and wipe command.
Sometimes we have to erase all the information from our disk in a way that ensures it is impossible to recover. The most typical reason for completely and irreversibly deleting a device is when, for example, it is to be given away or sold.
Many users probably believe that deleting their data using the file manager or the
rm command ensures security. The truth, however, is slightly different.
rm command or a file manager to delete files just removes the pointer to the filesystem. So the original data is still available. As a result, with a high probability, a considerable portion of this data can be recovered using specific techniques.
However, wiping the disk with one of the following commands,
wipe, assures that the information you erased is unrecoverable. So, let us show you how to do it.
Erasing Disk Using shred Command
We start with the
shred command because it is one of the best ways to protect your private data on a Linux system.
The command helps in overwriting the data several times, such that it can only be recovered with extreme difficulty, if at all, using specialized hardware. That is why it is frequently used to erase data securely.
shred is part of the
coreutils package in Linux, you most likely have the command available by default on your system. It uses three passes by default, writing pseudo-random data to the device during each run.
For example, if you want to erase a device that is present as
/dev/sdb on your Linux system, the command would be as follows:
sudo shred -v /dev/sdb
We’ve included the
--verbose) option to see the disk wipe operation in detail.
However, the time required to complete these three subsequent cycles will be lengthy. Fortunately, we can specify shred to perform only one loop using the
sudo shred -v -n 1 /dev/sdb
Of course, we can improve the reliability of wiping data from disk by adding a few more options to the shred command.
First, we’ll specify that the disk is overwritten with randomly generated data by using the
--random-source=/dev/urandom option. Linux’s special file
/dev/urandom provides an interface to the kernel’s random number generator.
Finally, we’ll use the
--zero) option to overwrite everything thus far with 0.
sudo shred -v -n 1 --random-source=/dev/urandom -z /dev/sdb
Running this command gives us high confidence that restoring the data previously saved on it is virtually impossible once the disk has been erased in this manner.
Erasing Disk Using wipe Command
You can completely erase data from your disk with the
wipe command. As the name suggests, the command is used to wipe data from a disk.
wipe command rewrites the sector and flushes the cache, making data recovery impossible or extremely difficult.
However, on most Linux systems, the
wipe command is not installed by default, so you will need first to install it using your package manager, such as APT, DNF, Pacman, etc. Then, please search for a package named
wipe and install it.
After that, using the wipe command is relatively straightforward. Just run it, followed by the path to the disk.
sudo wipe /dev/sdb
Erasing Disk Using dd Command
dd command is another frequently used method for erasing a disk in Linux. Although the command is not explicitly meant to erase data from disk, like
wipe are, it is a widely used approach among Linux users.
For example, run the following command to securely and reliably erase all available information from a disk presented as a
/dev/sdb device on your Linux system:
sudo dd if=/dev/urandom of=/dev/sdb bs=512 status=progress
The wiping process is successfully finished when
dd reports “No space left on device” and returns control.
Let’s break down the syntax:
if– The input file, we’ve used
/dev/urandomto produce random data.
of– The output file, in that case – our disk.
bs– This is the block size (in bytes).
It should be noted that the size of the given block size significantly impacts the speed with which the operation will be completed. For example, the process may take days to complete if you choose the default block size value of 512 bytes and erase a multi-terabyte disk.
Therefore, we recommend using a bigger number for the block size when erasing the disk with the dd command, such as
bs=4096 (4 KiB). As a result, this will significantly accelerate the process.
sudo dd if=/dev/urandom of=/dev/sdb bs=4096 status=progress
As can be seen, the operation here takes only 29 seconds, which is seven times faster than the 210 seconds required for an equivalent execution with a block size of 512.
In addition, similar to the above approach, the command below will overwrite the entire disk with strings of zeros rather than producing random data.
sudo dd if=/dev/zero of=/dev/sdb bs=4096 status=progress
However, if security is your top priority, using
/dev/urandom as more reliable is the way to go.
This guide shows you how to securely and reliably delete data from your hard disk using three basic Linux tools: shred, wipe, and dd. Whichever method you choose, you can be sure that the information you remove will be nearly impossible to recover.
However, we recommend using the
shred command as your first choice for safe disk wiping under Linux.
We hope you found this guide helpful. We’d appreciate it if you could share your preferred approach to disk wiping in Linux in the comments below.
The DBAN live ISO has all what’s needed to erase disk or files too.
Interesting project but infortunatly has forked as blanco (non-free) wich is the same but with more functionalities.
Amen, I have seen to many people wipe the wrong disk with the command line, and then go to a forum for help. Even with DBAN, check, then check again, then check again, and then be sure before you hit wipe.