Securely deleting (shredding) files on CentOS 4.0

There are several solutions available to securely erase a hard disk drive, but I haven’t found all that many tools to securely erase individual files. While reading through the coreutils documentation, I came across a reference to the shred utility. Shred allows you to securely erase files, and has several options to control the secure erase process:

$ shred --help

Usage: shred [OPTIONS] FILE [...]
Overwrite the specified FILE(s) repeatedly, in order to make it harder
for even very expensive hardware probing to recover the data.

Mandatory arguments to long options are mandatory for short options too.
  -f, --force    change permissions to allow writing if necessary
  -n, --iterations=N  Overwrite N times instead of the default (25)
  -s, --size=N   shred this many bytes (suffixes like K, M, G accepted)
  -u, --remove   truncate and remove file after overwriting
  -v, --verbose  show progress
  -x, --exact    do not round file sizes up to the next full block;
                   this is the default for non-regular files
  -z, --zero     add a final overwrite with zeros to hide shredding
  -              shred standard output
      --help     display this help and exit
      --version  output version information and exit

To securely erase the file named foo by overwriting it with garbage 10 times, we can run shred with the “-n” (number of iterations) option and the file to erase:

$ shred -v -n 10 foo

shred: foo: pass 1/10 (random)...
shred: foo: pass 2/10 (000000)...
shred: foo: pass 3/10 (ffffff)...
shred: foo: pass 4/10 (b6db6d)...
shred: foo: pass 5/10 (555555)...
shred: foo: pass 6/10 (random)...
shred: foo: pass 7/10 (aaaaaa)...
shred: foo: pass 8/10 (492492)...
shred: foo: pass 9/10 (924924)...
shred: foo: pass 10/10 (random)...

The shred utility doesn’t work reliably on log structured and journaled file systems, as noted in the help screen:

CAUTION: Note that shred relies on a very important assumption:
that the filesystem overwrites data in place.  This is the traditional
way to do things, but many modern filesystem designs do not satisfy this
assumption.  The following are examples of filesystems on which shred is
not effective:

* log-structured or journaled filesystems, such as those supplied with
  AIX and Solaris (and JFS, ReiserFS, XFS, Ext3, etc.)

* filesystems that write redundant data and carry on even if some writes
  fail, such as RAID-based filesystems

* filesystems that make snapshots, such as Network Appliance's NFS server

* filesystems that cache in temporary locations, such as NFS
  version 3 clients

* compressed filesystems

In addition, file system backups and remote mirrors may contain copies
of the file that cannot be removed, and that will allow a shredded file
to be recovered later.

That said, this is still a nifty utility, and can be useful in some situations.
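As an added example (not part of the original post), the following wrapper ties the two halves together: it runs shred the way the post does, adds the `-z` and `-u` options from the help text, warns when the file sits on one of the filesystem types the caution lists, and confirms the file is actually gone afterwards. It assumes GNU coreutils (`shred` and `stat -f`); the `fs_not_in_place` list only repeats the types named in the help screen above.

```shell
#!/bin/sh
# Added example, not from the original post. Assumes GNU coreutils:
# "shred" and "stat -f -c %T" (prints the filesystem type, e.g. "ext2/ext3").

# Print the filesystem type holding PATH, or "unknown" if stat -f is unavailable.
fs_type() {
    stat -f -c %T "$1" 2>/dev/null || echo unknown
}

# Return 0 if TYPE is one the shred help screen says it is not effective on
# (journaled/log-structured or NFS-cached). Only types named on the page.
fs_not_in_place() {
    case "$1" in
        *ext3*|*xfs*|*jfs*|*reiser*|*nfs*) return 0 ;;
        *) return 1 ;;
    esac
}

# shred_file PATH [PASSES]: overwrite PASSES times (default 10, as in the post),
# add a final zero pass (-z) so the file does not look shredded, then truncate
# and unlink it (-u). Returns 0 only if the file no longer exists afterwards,
# 2 if PATH is not a regular file, 1 if shred itself failed.
shred_file() {
    path=$1
    passes=${2:-10}
    [ -f "$path" ] || { echo "shred_file: $path is not a regular file" >&2; return 2; }
    type=$(fs_type "$path")
    if fs_not_in_place "$type"; then
        # The overwrite still runs, but journal, cache or snapshot copies may survive.
        echo "warning: $path is on $type; shred may not overwrite in place" >&2
    fi
    shred -n "$passes" -z -u "$path" || return 1
    [ ! -e "$path" ]
}
```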
