Sometimes you can need to delete or format a hard drive for some operations. The most common use case for completely and irrevocably wiping a device will be when the device is going to be given away or sold as this is really important for data protection. There are some commands which can help you to do these operations in Linux.
This article shows 4 commands to wipe hard disks or partitions data on your Linux system
1) dd
The dd command can help you to copy and convert a file. The command can overwrite the whole disk with zeros and is considerably faster than generating gigabytes of random data. It offers some operands that you can use to specify what kind of formatting you want. The syntax is:
dd if=<source> of=<target> [Options]
Only superuser can run this command because you can face a big data loss due to its improper usage.
# dd if=/dev/zero of=/dev/sda2 bs=512 count=1 1+0 records in 1+0 records out 512 bytes copied, 0.0116875 s, 43.8 kB/s
You can wipe a disk is done by writing new data over every single bit. To further complicate the recovering process we will write over the entire drive with random data.
# dd if=/dev/urandom of=/dev/sda2 bs=4096
2) shred
The shred command is used to overwrite the specified files repeatedly and make it difficult for software to recover the data. The syntax is as below
shred [option] <target>
The command also overwrites data in a file or a whole device with random bits, making it nearly impossible to recover. This command permanently erases the data. The command has some options which can be used to wipe a disk as:
- -f changes permissions to allow writing if needed
- -n (iterations=N) overwrites N times instead of the default (3)
- -s (size=N) specifies the number of bytes to shred
- -u truncates and removes files after overwriting
- -v shows verbose information about the progress
- -x does not round file sizes up to the next full block
- -z adds a final overwrite with zeros to hide shredding
- -u removes the file after overwriting
So, to wipe the partition you can use
# shred -vfz -n 10 /dev/sda2 shred: /dev/sda2: pass 1/11 (random)... shred: /dev/sda2: pass 2/11 (ffffff)... shred: /dev/sda2: pass 3/11 (249249)... shred: /dev/sda2: pass 4/11 (000000)... shred: /dev/sda2: pass 5/11 (555555)... shred: /dev/sda2: pass 6/11 (random)... shred: /dev/sda2: pass 7/11 (6db6db)... shred: /dev/sda2: pass 8/11 (aaaaaa)... shred: /dev/sda2: pass 9/11 (db6db6)... shred: /dev/sda2: pass 10/11 (random)... shred: /dev/sda2: pass 11/11 (000000)...
It is possible to use shred with random data as below
# shred -v --random-source=/dev/urandom -n10 /dev/sda2 shred: /dev/sda2: pass 1/10 (random)... shred: /dev/sda2: pass 2/10 (db6db6)... shred: /dev/sda2: pass 3/10 (aaaaaa)... shred: /dev/sda2: pass 4/10 (ffffff)... shred: /dev/sda2: pass 5/10 (6db6db)... shred: /dev/sda2: pass 6/10 (random)... shred: /dev/sda2: pass 7/10 (249249)... shred: /dev/sda2: pass 8/10 (555555)... shred: /dev/sda2: pass 9/10 (000000)... shred: /dev/sda2: pass 10/10 (random)...
3) wipe
The wipe command can be used to securely erase files from magnetic media. You can use the wipe command in order to wipe data on a disk. The wipe command has the command below
wipe [options] <target>
The command is not present by default, you need to install it.
On Ubuntu 16.04/18.04
# apt install wipe Reading package lists... Done Building dependency tree Reading state information... Done The following NEW packages will be installed: wipe 0 upgraded, 1 newly installed, 0 to remove and 322 not upgraded. Need to get 41.8 kB of archives.
On Centos 7, you need first to download the rpmforge
# wget http://ftp.tu-chemnitz.de/pub/linux/dag/redhat/el7/en/x86_64/rpmforge/RPMS/rpmforge-release-0.5.3-1.el7.rf.x86_64.rpm
Install it
# rpm -Uvh rpmforge-release*rpm warning: rpmforge-release-0.5.3-1.el7.rf.x86_64.rpm: Header V3 DSA/SHA1 Signature, key ID 6b8d79e6: NOKEY Preparing... ################################# [100%] Updating / installing... 1:rpmforge-release-0.5.3-1.el7.rf ################################# [100%]
Then, install the wipe command
# yum install wipe Loaded plugins: fastestmirror rpmforge | 1.9 kB 00:00:00 rpmforge/primary_db | 125 kB 00:00:15
You can wipe a partition as below:
# wipe /dev/sda2 Okay to WIPE 1 special file ? (Yes/No) yes Operation finished. 1 file wiped and 0 special files ignored in 0 directories, 0 symlinks removed but not followed, 0 errors occured.
4) scrub
The scrub command can be used to overwrite data using patterns. The command is not available by default, you should need to install it on your Linux system. The syntax is
scrub [option] <target>
To scrub hard disk, you can do as below
# scrub /dev/sda5 scrub: using NNSA NAP-14.1-C patterns scrub: please verify that device size below is correct! scrub: scrubbing /dev/sda5 1071644672 bytes (~1022MB) scrub: random |................................................| scrub: random |................................................| scrub: 0x00 |................................................| scrub: verify |................................................|
Scrub uses some methods to operate on disks. You can use the dod method to wipe disks.
# scrub -p dod /dev/sda5 -f scrub: using DoD 5220.22-M patterns scrub: please verify that device size below is correct! scrub: scrubbing /dev/sda5 1071644672 bytes (~1022MB) scrub: random |................................................| scrub: 0x00 |................................................| scrub: 0xff |................................................| scrub: verify |................................................|
Wiping a drive is dangerous because you can lose data permanently. You have to be sure to choose the right disk. Additionally, depending on how worried you are about someone taking the data, it can be difficult to ensure that some drives are truly non-recoverable.
Nice complete overview of available methods. You mention that it's about cleaning disks, but in your examples you state "sda2". Isn't this only a partition? Shouldn't you use "sda"?
This is one of the many reasons I switched back to Windows.
powershell admin
diskpart
list disk
select disk X
clean
Job done.
Hi Tony,
Thanks for the reply. Now we can use PowerShell on Linux https://github.com/PowerShell/PowerShell. Not sure about the commands above :-)
What a dumb piece of human bean. Commands above trying to secure erase your data, when your commands from windows are just clearing partition table and all the data can be easily recovered.
wipe is pretty different. Diskpart is just modifying a partition table. Using one of the enumerated method above, you are basically writing information on the hdd/usb, over and over again so the recovery process it may be impossible...
Anyone who has sensitive data or data destruction requirements needs to understand that these commands don't do anything to the data. They simply remove a Windows file system structure. Numerous data recovery programs can recover most if not all of the data on these drives. If you have nothing sensitive on itand just want to clear a disk for reuse, this is probably going to work for you.
Windows takes 4 commands and doesn't overwrite the actual data, it just removes the pointer to the data(which can be restored)
Linux takes one command (scrub /dev/sda5) to overwrite the actual data with random characters and then all zeros.
More work and no real results, yeah, I can see why you chose windows. SMH