4 Tools to Securely Delete Files from Linux

Any computer user with normal level skill set knows that any data removed from computer system can be recovered later with little bit of efforts. This is a good thing in the scenario when you have accidentally deleted your critical data. But in most cases, you don't want your private data to be recovered easily. Whenever we remove anything, the operating system deletes just the index of the particular data. It means that data is still there somewhere on the disk, this method is insecure, as any smart computer hacker can use any good data recovery tool to easily recover your deleted data. Linux users utilizes the well know “rm” command to remove data from their operating system, but “rm” command works in the conventional fashion. Data removed using this command can be recovered by special file recovery tools.

Let’s see how we can safely and completely remove files/folders from our Linux system. The methods mentioned below remove data completely so it becomes very hard for recovery tools to find traces of the actual data and recover it.


Secure-Delete is a set of tools for Linux operating system and they provide advanced techniques for permanent removal of files.  Once Secure-Delete has been installed on any Linux system, it provides following four commands:

  • srm
  • smem
  • sfill
  • sswap

Run following command in the terminal to install it in ubuntu:

sudo apt-get install secure-delete
secure delete

Run following command to install it in RHEL, Fedora or Centos:

sudo yum install secure-delete

srm” command works similarly to “rm” command, but instead of just deleting the file, it first overwrites it multiple times with some random data and then removes the file permanently. The syntax for this command is pretty simply, just specify the file or directory to remove and it will take care of the task.

sudo srm  /home/aun/Documents/xueo/1.png

"sfill" checks the specified partition/directories for space marked as free or available, and then uses its algorithm to fill it up with some random data. In this way it ensures that there are no more recoverable files/folders on the partition.

sudo sfill /home

"sswap" command is used to securely wipe your swap partitions. Swap partition is used to store data for running programs. First of all find out your swap partition by running the following command:

cat /proc/swaps

Example output of above command is show below:

aun@eagle:~$ cat /proc/swaps
Filename                Type        Size    Used    Priority
/dev/sda5                               partition    2084860    71216    -1

From here, you can see that swap is set to which partition, and then securely clean it by running the following command. Replace the "/dev/sda5" part with your partition name.

sudo sswap /dev/sda5

smem” is used to clean the contents of memory, its true that RAM contents are cleaned when system is rebooted or powered off, but some residual traces of data still remain in the memory. This command provides secure memory cleaning, simly run smem command on the terminal.



"shred" command destroys files/folder’s contents in a way that it is impossible to recover. It keeps overwriting the files with randomly generated data patterns so in this way it becomes very hard to recover any data from them even if hackers or thief uses high level of data recovery tools/equipments. Shred is installed by default on all Linux distributions, if you want, you can find its installation path by running following command:

aun@eagle:~$  whereis shred

shred: /usr/bin/shred /usr/share/man/man1/shred.1.gz

Run following command to remove file using shred utility.

shred /home/aun/Documents/xueo/1.png

Run following command to securely remove any partition using shred ; Replace partition name with your desired partition.

shred /dev/sda5

Shred by default overwrites file with random contents 25 times. If you want it to overwrite file more than this, simply specify the desired number with "shred -n" option.

shred -n 100 filename

If you want to truncate and remove file after overwriting, use "shred -u" option

shred -u filename


This command is originally used for Disk Cloning. It is used to copy contents of one partition or disk to another. But it is also used for securely wiping out the contents of a hard disk or partitions. Run following command to overwrite your current data with random data.You don't need to install dd command, all Linux distributions include this command already.

sudo dd if=/dev/random of=/dev/sda

You can also overwrite the contents of hard disk or partitions by simply replacing everything with “zero”.

sudo dd if=/dev/zero of=/dev/sda


Wipe was originally developed to securely erase files from magnetic media. This command line utility writes special patterns to the files repeatedly. It uses fsync() call and/or the O_SYNC bit to force disk access. It uses Gutmann algorithm for repeated writes. You can remove contents of single file, folder or entire hard disk with this command, but whole hard disk format using wipe command will take good amount of time. The installation and use of this utility is pretty easy.

Install wipe on ubuntu by running the following command on the terminal.

sudo aptitude install wipe
Wipe Linux

Install Wipe in Redhat Linux, Centos or Fedora by running the following command:

sudo yum install wipe

Once the installation is complete, run following command on the terminal to get complete list of its available options:

man wipe

Remove any file or directory as:

wipe filename

Securely remove your tmp partition by running following command:

wipe -r /tmp

Use following command to remove contents  of complete partition (replace partition name with your desired partition).

wipe /dev/sda1


We hope you find this article useful, the privacy of your data is critical, its important to have such secure file removal utilities installed on your system so you may be able to remove your private data without fear of being recovered easily.  All of the above mentioned tools are pretty lightweight, they take minimum system resources to run, and does not affect performance of your system in anyway. Enjoy!

8 Comments... add one

  1. Please consider adding a tutorial for new Linux/Ubuntu users, on how to aapply these terminal commands specifically to the trash folder-- that would be extremely helpful! Thank you!

    • you're welcome, we will add as soon as possible an article in which we explain how to manage users and groups for both destribution RedHat and Debian .

  2. When I run the above command, { sudo sswap /dev/sda5 } nothing seems to happen. The HD light comes on and the terminal never returns to {Name:~$}. There's just a blank square that sits there. How long should it take to wipe and 8GB swap partition?

  3. What do the other mechanisms described achieved that a simple dd does not? Is it likely that data can be retrieved from a drive subjected to a straightforward dd if=/dev/zero? There are lots of claims out there that such is the case, but absolutely nothing in the way of proof positive.

    • Data on a hard drive is a long thin strip of bits with magnetism indicating "on" or "off". But magnetism is not an on or off thing. It is a force capable of having varying strength, similar to the way light can be bright or dim. So, imagine a bar code as an analogy. You can easily paint over the black and white (on and off) lines of a bar code, such that it can not be read by a standard bar code reader.

      However, with one coat of paint, it is highly likely that you could look closely and see the lines still. And, given enough resources, you could develop a bar code reader to read it through a coat of paint.

      If sensitive material on a hard drive were to fall into the hands of wrong people, they would likely be able to take the hard drive into a clean room and move the platters to a more sensitive mechanism. Algorithms could be (almost certainly have been) developed to identify the most plausible state of the various bits based on the strength of magnetic charge, etc.

      You ask for "proof positive" of this. But that is the wrong standard. The above is plausible. If you have data of extreme sensitivity, you must address plausible threats as well as those proven to exist.

  4. How long does it take for the sfill command to complete it's task. I ran sudo sfill home and it ran for about five days then i stopped it before it finished. Now I got this message: Low Disk Space on "Filesystem root." The volume Filesystem root has only 420 mb disk space remaining. System is very slow and sluggish. Should i run the sfill command again and let it finish? Or is there something better i can do? the Drive is 1T


Leave a Comment