In this tutorial we will learn one of the most popular tools to securely remove files from disks on Linux and UNIX systems. Which called shred
. To prevent or decrease the possibilities of recovering them.
shred is a Unix command that can be used to securely delete files and devices so that it is extremely difficult to recover them, even with specialized hardware and technology; assuming it’s even possible to recover the file at all. It is a part of GNU Core Utilities.
Source: Wikipedia
As usual, become a root or use sudo
whenever is needed with the following commands.
Installation:
shred
is usually available on most Linux distributions. And since it’s part of the package coreutils, we need to make sure first that we have it installed on our system. Please, see : How to check whether or not a package is installed.
If it wasn’t installed, simply install it:
Such as: Debian / Ubuntu / Linux Mint / Devuan / elementary OS / MX Linux / antiX / deepin / Linux Lite / Zorin OS / LXLE / Peppermint OS / SparkyLinux:
$ apt install coreutils
If apt
wasn’t installed by default, then use apt-get
or aptitude
instead.
On Fedora:
$ dnf install coreutils
On RedHat 7 / CentOS 7 / Scientific Linux 7:
$ yum install coreutils
On RedHat 8+ / CentOS 8+ / Scientific Linux 8+:
$ dnf install coreutils
On Mageia:
$ urpmi coreutils
On ArchLinux and its its derivatives: (like: Manjaro / KaOS / ArchBang Linux / BlackArch Linux / Parabola GNU/Linux-libre / Chakra GNU/Linux):
$ pacman -S coreutils
On Gentoo:
$ emerge sys-apps/coreutils
On Void Linux:
$ xbps-install -S coreutils
On FreeBSD:
To install the pre-compiled package:
$ pkg install coreutils
If you prefer to compile it yourself:
Using portmaster
:
$ portmaster -v sysutils/coreutils
Or, the traditional way:
$ cd /usr/ports/sysutils/coreutils $ make install clean $ rehash
On MacOS X:
If you’re using MacPorts
:
$ port install coreutils
If you’re using Brew
:
$ brew install coreutils
Usage:
Then, use the shred
command to securely remove the files:
On Linux:
$ shred -v -z -u -n 10 FILE-NAME
On FreeBSD and MacOSX:
$ gshred -v -z -u -n 10 FILE-NAME
The meaning of the used flags are:
-v
: Verbose (show progress).-z
: Add a final overwrite with zeros to hide shredding.-u
: Truncate and remove file after overwriting.-n
: Overwrite N times instead of the default (3). In our example we used 10.FILE-NAME
: Is the file we want to securely remove it.
Unfortunately, shred
doesn’t have a recursive flag, but you can achieve that if you combine it with find
command like the following if you want to delete all files in the current directory no matter how deep it is.
$ find . -type f -exec shred -v -z -u -n 10 {} +
For more information, check the manual:
On Linux:
$ man shred
On FreeBSD and MacOSX:
$ man gshred
Or read it online: shred(1)