Securely remove files using shred tool

In this tutorial we will learn one of the most popular tools to securely remove files from disks on Linux and UNIX systems. Which called shred. To prevent or decrease the possibilities of recovering them.

shred is a Unix command that can be used to securely delete files and devices so that it is extremely difficult to recover them, even with specialized hardware and technology; assuming it’s even possible to recover the file at all. It is a part of GNU Core Utilities.

Source: Wikipedia

As usual, become a root or use sudo whenever is needed with the following commands.


Installation:

shred is usually available on most Linux distributions. And since it’s part of the package coreutils, we need to make sure first that we have it installed on our system. Please, see : How to check whether or not a package is installed.

If it wasn’t installed, simply install it:

Debian and its based distrosFedoraredhat / CentOS / Scientific LinuxSUSE / openSUSEMageiaArchLinux and its based distrosGentooVoid LinuxAlpine LinuxFreeBSDMacOS X

Such as: Debian / Ubuntu / Linux Mint / Devuan / elementary OS / MX Linux / antiX / deepin / Linux Lite / Zorin OS / LXLE / Peppermint OS / SparkyLinux:

$ apt install coreutils

If apt wasn’t installed by default, then use apt-get or aptitude instead.

On Fedora:

$ dnf install coreutils

On RedHat 7 / CentOS 7 / Scientific Linux 7:

$ yum install coreutils

On RedHat 8+ / CentOS 8+ / Scientific Linux 8+:

$ dnf install coreutils

On SUSE / openSUSE:

$ zypper in coreutils

On Mageia:

$ urpmi coreutils

On ArchLinux and its its derivatives: (like: ManjaroKaOS / ArchBang Linux / BlackArch Linux / Parabola GNU/Linux-libre / Chakra GNU/Linux):

$ pacman -S coreutils

On Gentoo:

$ emerge sys-apps/coreutils

On Void Linux:

$ xbps-install -S coreutils

On Alpine:

$ apk add coreutils

On FreeBSD:

To install the pre-compiled package:

$ pkg install coreutils

If you prefer to compile it yourself:

Using portmaster:

$ portmaster -v sysutils/coreutils

Or, the traditional way:

$ cd /usr/ports/sysutils/coreutils
$ make install clean
$ rehash

On MacOS X:

If you’re using MacPorts:

$ port install coreutils

If you’re using Brew:

$ brew install coreutils

Usage:

Then, use the shred command to securely remove the files:

On Linux:

$ shred -v -z -u -n 10 FILE-NAME

On FreeBSD and MacOSX:

$ gshred -v -z -u -n 10 FILE-NAME

The meaning of the used flags are:

  • -v : Verbose (show progress).
  • -z : Add a final overwrite with zeros to hide shredding.
  • -u : Truncate and remove file after overwriting.
  • -n : Overwrite N times instead of the default (3). In our example we used 10.
  • FILE-NAME : Is the file we want to securely remove it.

Unfortunately, shred doesn’t have a recursive flag, but you can achieve that if you combine it with find command like the following if you want to delete all files in the current directory no matter how deep it is.

$ find . -type f -exec shred -v -z -u -n 10 {} +

For more information, check the manual:

On Linux:

$ man shred

On FreeBSD and MacOSX:

$ man gshred

Or read it online: shred(1)

Leave a Reply

Your email address will not be published.

This site uses Akismet to reduce spam. Learn how your comment data is processed.