How to Securely delete Files in Linux Using shred command

May it be your kids assignment or sophisticated military intel, everyone today needs data privacy. Most of us think that a file on a system once moved to trash and emptied then, completely erases the file. It’s not true.

What Happens When We Delete a File?

When we delete a file, the pointers joining those 0’s and 1’s are just freed but the entire data remains on the storage drive itself. When one does this, it just becomes invisible to the user and marks the part of the disk that the file was stored on as available, meaning that your operating system can now write over the file with crunches of new data. Until the over writing process doesn’t occur, your data is still present which can be compromised with latest new techniques incorporated in the modern data recovery softwares, be it NTFS or FAT32 or ext* family.

What is shred  & How does it Work?

shred is a Unix command that can be used to securely delete files and devices. It is a part of GNU Core Utilities. shred can be invoked either on ordinary files or on devices such as hard disk partitions. By default, it overwrites the file three times with multiple patterns, but the number is user configurable. It also has an option to do an additional final overwrite with zeroes (0’s) which may help to hide the fact that we’ve used shred tool. You can also refer to our articles on how to securely wipe sensitive data.

Usage

shred [OPTION]... FILE...
-f, --force -> change permissions to allow writing if necessary
-n, --iterations=N -> overwrite N times instead of the default (3)
--random-source=FILE -> get random bytes from FILE
-s, --size=N -> shred this many bytes (suffixes like K, M, G accepted)
-u -> truncate and remove file after overwriting
--remove[=HOW] -> like -u but give control on HOW to delete; See below
-v, --verbose -> show progress
-x, --exact -> do not round file sizes up to the next full block;
-z, --zero -> add a final overwrite with zeros to hide shredding

Demo

Run the following command to remove any file using shred utility.

shred /Desktop/hackr.txt

Run the following command to securely delete any partition.

shred /dev/sda5

shred by default overwrites file with random contents 25 times. If you want it to overwrite the file more than the default, simply specify the desired number with shred -n  option.

shred -n 100 hackr.txt

If you want to truncate and remove file after overwriting, use shred -u option.

shred -u hackr.txt

Final Verdict

The bottom line is that computers can’t actually delete the files perfectly. They just allow the space to those files take up to be overwritten by something else. The best way to delete a file forever is to make sure the storage device is physically damaged, in a way that makes it difficult to retrieve the same.