Let’s learn how to install and use the
wipe tool on our UNIX, MacOS X and Linux distros to securely remove files to prevent or at least decrease the possibilities of recovering them for the sake of privacy.
Wipe is a secure file wiping utility. There are some low level issues that must be taken into consideration. One of these is that there must be some sort of write barrier between passes. Wipe uses fdatasync(2) (or fsync(2)) as a write barrier, or if fsync(2) isn’t available, the file is opened with the O_DSYNC or O_SYNC flag. For wipe to be effective, each pass must be completely written. To ensure this, the drive must support some form of a write barrier, write cache flush, or write cache disabling. SCSI supports ordered command tags, has a force media access bit for commands, and write cache can be disable on mode page 8. IDE/ATA drives support write cache flushes and write cache disabling. Unfortunately not all drives actually disable write cache when asked to. Those drives are broken. Write caching should always be disabled, unless your system is battery backed and always powers down cleanly. See this thread from the linux kernel list:Source: wipe wiki
As usual, become a root or use
sudo whenever is needed with the following commands.
wipe too isn’t installed on most Linux distributions by default. So, let’s check whether or not it’s being installed.; Please see: How to check whether or not a package is installed.
If it wasn’t installed, simply install it:
$ apt install wipe
apt wasn’t installed by default, then use
$ dnf install wipe
$ yum install wipe
$ dnf install wipe
$ urpmi wipe
$ pacman -S wipe
$ emerge app-misc/wipe
On Void Linux: Unfortunately,
wipe is not available in Void Linux repositories.
$ apk add wipe
To install the pre-compiled package:
$ pkg install wipe
If you prefer to compile it yourself:
$ portmaster -v security/wipe
Or, the traditional way:
$ cd /usr/ports/security/wipe $ make install clean $ rehash
On MacOS X: Unfortunately,
wipe is not available in MacPorts repositories.
Then, use the
wipe command to securely remove the files:
$ wipe -ifc FILE-NAME
The meaning of the used flags:
-i: (informational, verbose mode) This enables reporting to stdout. By default all data is written to stderr.
-f: (force; disable confirmation query) By default wipe will ask for confirmation, indicating the number of regular and special files and directories specified on the command line. You must type “yes” for confirmation, “no” for rejection. You can disable the confirmation query with the
-c: (chmod if necessary). If a file or directory which will be wiped has no write permissions set, will do a chmod to set the permission.
To securely remove all files in the current directory:
$ wipe -r *
-r: (recurse into subdirectories) Will allow the removal of the entire directory tree. Symbolic links are not followed.
To securely remove a disk-partition:
$ wipe -kq /dev/sda3
The used flags:
-k: Keep files: do not unlink the files after they have been overwritten. It comes in handy when you want to wipe a device, while keeping the device special file. This implies
-q: (quick wipe) If this option is used, wipe will only make (by default) 4 passes on each file, writing random data. See option -Q.
For more information, check the manual:
$ man wipe
Or read it online: wipe(1)