Shred Command
Securely Delete Files with Shred
The shred command is a utility in Linux and Unix-like systems designed for securely deleting files. Unlike the standard rm command, which only removes the directory entry pointing at the data and leaves the data blocks intact, shred overwrites the file's data multiple times with patterns and random data before deleting it. This makes recovering the original data significantly harder, if not impossible, even with advanced forensic tools.
Understanding Shred Options
The shred command offers several options to customize the deletion process:
- -n N or --iterations=N: Specifies the number of times to overwrite the file. The default is typically 3 passes, but increasing this number enhances security.
- -v or --verbose: Shows the progress of the shredding operation, indicating which pass is currently being performed.
- -z or --zero: Performs a final overwrite with zeroes to hide the fact that shredding has occurred.
- -u or --remove: Truncates and removes the file after overwriting. This is equivalent to running rm after shredding.
Practical Shred Command Examples
Here are some common use cases for the shred command:
Shredding a File with Multiple Passes and Verbose Output
This command shreds the specified file 5 times, showing the progress:
# To shred a file (5 passes) and verbose output:
shred -n 5 -v <file>
Shredding with a Final Zero Overwrite
This command shreds the file 5 times, then overwrites it with zeroes, and shows progress:
# To shred a file (5 passes) and a final overwrite of zeroes:
shred -n 5 -vz <file>
Shredding, Zero Overwriting, and Removing the File
This is a comprehensive command that shreds, overwrites with zeroes, and then removes the file:
# To do the above, and then truncate and rm the file:
shred -n 5 -vzu <file>
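The following script is an added example, not part of the original cheat sheet: it shows what the -z pass leaves on disk (a file of the same length filled with zero bytes) and confirms that -u removes the file afterwards. It assumes GNU coreutils shred on a local file system; the sample secret and file names are constructed.

```sh
#!/bin/sh
# Added example (not from the original page). Assumes GNU coreutils shred.

# shred_and_verify FILE PASSES
# Overwrites FILE with PASSES random passes plus a final zero pass (-z), then
# checks that the file kept its length and that every remaining byte is 0x00.
# Prints "zeroed" and returns 0 on success, 1 otherwise.
shred_and_verify() {
    file=$1
    passes=${2:-3}
    [ -f "$file" ] || return 1
    size_before=$(wc -c < "$file" | tr -d ' ')
    # -x keeps the exact size; without it shred rounds the file up to the
    # next full block, which would make the length comparison below fail.
    shred -n "$passes" -z -x "$file" || return 1
    size_after=$(wc -c < "$file" | tr -d ' ')
    [ "$size_before" -eq "$size_after" ] || return 1
    # Delete every NUL byte; anything left over is a byte the zero pass missed.
    nonzero=$(tr -d '\000' < "$file" | wc -c | tr -d ' ')
    [ "$nonzero" -eq 0 ] || return 1
    echo "zeroed"
}

# shred_remove FILE: one more pass with a final zero overwrite, then
# truncate and unlink (-u). Returns 0 only if the file is really gone.
shred_remove() {
    shred -n 1 -zu "$1" || return 1
    [ ! -e "$1" ]
}

# demo: constructed secret in a temp file, shredded in place, then removed.
demo() {
    tmp=$(mktemp) || return 1
    printf 'constructed secret: api-key=EXAMPLE-0000\n' > "$tmp"
    grep -q 'api-key' "$tmp" || return 1            # secret is readable now
    shred_and_verify "$tmp" 3 || return 1
    ! grep -q 'api-key' "$tmp" || return 1          # secret no longer readable
    shred_remove "$tmp"
}

demo
```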
Shredding a Partition
For more sensitive data, you can shred entire partitions or disks. Use this with extreme caution, as it will erase all data on the specified device. Note that /dev/sda names the whole disk; a single partition is named with a number, such as /dev/sda1.
# To shred a partition:
shred -n 5 -vz /dev/sda
Important Considerations for Shredding
It's crucial to understand the limitations of the shred command:
- Journaled File Systems: On modern file systems that use journaling (like ext3, ext4, NTFS, HFS+), shred might not be fully effective. Journaling means data can be written to different locations on the disk, and shred might only overwrite the current location of the file, leaving older versions in the journal.
- Solid State Drives (SSDs): SSDs use wear-leveling algorithms that can remap data blocks. This means that shred might overwrite a block that is not the actual physical location of the data, rendering the shredding ineffective. For SSDs, secure erase commands provided by the drive manufacturer are generally recommended.
- Network File Systems: shred is not designed for network file systems (NFS, SMB/CIFS), as it operates on local block devices.
For most standard use cases on traditional hard drives, shred is an effective tool for securely deleting sensitive files.