If you have a file containing the sensitive information, deleting it simply with the rm command or pressing the Del key might not be enough. Usually, when you delete a file using the rm command, it removes just from our directory listing. The deleted file remains on the hard disk and can be recovered and misused by an attacker with some necessary skills.
In Linux, the shred command allows you to securely delete the files by overwriting the file repeatedly with gibberish data. This makes retrieval of the original data quite difficult or nearly impossible, even if the deleted file is recovered. Shred command not just overwrites a file but deletes it as well if specified. You can also use it to overwrite partitions or an entire disk.
In this article, we have explained how to use the shred command in Debian10 OS to securely delete the files. The same procedure can be followed in other Debian and Ubuntu versions. We have also discussed some of its command-line options.
Working with Shred Command
Shred command is one of the GNU Core Utilities and is available on nearly any Linux system including Debian. Let’s see how to work with the shred command:
Shred Command Syntax
Following is the shred command syntax:
$ shred option <FILE>
Where the “FILE” can be a file or any hard disk partition.
When you use the shred command without any option, it overwrites the file with gibberish data multiple times. To understand what the shred command does, let’s create a test file named “testfile.txt” with some text in it.
$ echo “this file contains some sample text” > testfile.txt
This is how our example file looks like:
After creating the file, also check the size of the file. We will use it later to compare it against the size of the shredded file.
$ ls -l testfile.txt
Now run the shred command (without any command line option) followed by the file name that you want to shred.
$ shred testfile.txt
The above command will overwrite the testfile.txt three times (by default). To see what happened to the test file, call the cat command:
$ cat testfile.txt
From the cat command output, you will only see the gibberish inside the file.
Also, if you view the file size, you will notice it has increased.
Shred Command Line Options
The shred command has a few command line options to allow you to expand its functionalities. Let’s have a look at some examples of how these options work.
Using the -v or –verbose option, you can view what is happening in the background.
$ shred -v testfile.txt
The following output shows the three passes of overwriting the file with the random numbers.
Note: Next for all the following examples, we will use the -v option for displaying the output.
Overwrite Multiple Files
If you have more than one file, you can shred them using a single command instead of shredding them one by one using separate commands. To shred more than one files, type them all as an argument (separated by space) or use the wildcard character to specify all the files which have the same extensions.
$ shred -v testfile1.txt testfile2.txt testfile3.txt
All three files will be shredded in a single process as shown in the following screenshot.
You can also use the shred command to overwrite the drives and partitions. For example, to overwrite all the data on the /dev/sda2 partition, the command would be:
$ sudo shred -v /dev/sda2
Overwrite with zeros
Usually, the shred command overwrites the file with the random data. However, it will be conspicuous on your system that the shredding operation was performed on this device. You may hide the shredding process using the -z or –zero option with shred command.
Using shred command with -z or –zero option first overwrites the file with random numbers, then adds a final overwrite with zeros.
$ shred -vz testfile.txt
In the above output, you can see that after overwriting the file three times with random numbers, the shred finally overwrote the file with zeros.
The shred command overwrites the files 3 times with random junk. To increase the number of overwrite passes, use the -n or –iterations option.
For example, to shred the testfile.txt using 5 number of overwrite passes, the command would be:
$ shred -vn5 testfile.txt
Overwrite Only First x Bytes
The default behavior of the shred command is to overwrite the whole file. Using the -s or –size option with the shred command allows you to overwrite only first x bytes. For instance, to overwrite only the first 6 bytes of testfile.txt, the command would be:
$ shred -vs6 testfile.txt
The above command will only overwrite the first 6 bytes of the specified file. You can verify it by calling the cat command.
Delete File after Overwriting
As discussed earlier, the shred command only overwrites the file if we use it without any command line options. However, after overwriting, you can delete the file as well using the -u or –remove option with the shred command. Note that it will also rename the file before deletion.
$ shred -vu testfile.txt
From the above output, you can see that the file was finally removed after being overwritten and renamed.
To find more details about the shred command, use the –help option or visit the man page:
$ shred --help
$ man shred
In this article, you have learned how to use the shred command in Debian 10 Buster system along with various command line options. You have seen that how the shred command overwrites and deletes the files, making them hard to recover using any recovery tools.