Sometimes you need to destroy or delete data from the hard drive (for example, before you sell your old hard drive on eBay) so that no one else can access it. Simply deleting data (eg with rm) is not enough because it only deletes the file system pointer, but not the data, so that it can be easily deleted from the recovery software. Even zeroing out your hard drive might not be enough. This is where shred comes into play – shreds can overwrite files and partitions repeatedly, making it difficult for very expensive hardware to recover data.
1 About Damaged Linux Applications
Damaged can be used to delete files and also partitions and hard drives. If you see a broken book page …
… You might notice the following :
CAUTION: Note that shred relies on a very important assumption: that the file system overwrites data in place. This is the traditional way to do things, but many modern file system designs do not satisfy this assumption. The following are examples of file systems on which shred is not effective, or is not guaranteed to be effective in all file system modes:
* log-structured or journaled file systems, such as those supplied with AIX and Solaris (and JFS, ReiserFS, XFS, Ext3, etc.)
* file systems that write redundant data and carry on even if some writes fail, such as RAID-based file systems
* file systems that make snapshots, such as Network Appliance's NFS server
* file systems that cache in temporary locations, such as NFS version 3 clients
* compressed file systems
In the case of ext3 file systems, the above disclaimer applies (and shred is thus of limited effectiveness) only in data=journal mode, which journals file data in addition to just metadata. In both the data=ordered (default) and data=writeback modes, shred works as usual. Ext3 journaling modes can be changed by adding the data=something option to the mount options for a particular file system in the /etc/fstab file, as documented in the mount man page (man mount).
This is something you need to worry about only if you use shred to delete files. However, because I want to erase the hard drive, I will use shreds for all sections or hard drives in this tutorial.
2 Using damaged
If you want to delete your system partition, you must boot into the system directly (such as Knoppix, Ubuntu Live-CD, your hoster rescue system, etc.). This is not necessary if you do not want to delete your system partition.
Damage should have been installed (you can check with
); if not, you can install it as follows (Debian / Ubuntu / Knoppix):
apt-get install coreutils
As I said before, I want to use damaged partitions and hard drives. So, for example, to delete the / dev / sda5 partition, you can use
shred -vfz -n 10 /dev/sda5
-v: show progress
-f: change permission to allow writing if necessary
-z: add the last overwrite with zero to hide the shredding
-n: overwrite N times instead of default (3)
So this will overwrite / dev / sda5 ten times.
You can also use shred for RAID partitions, e.g.
shred -vfz -n 10 /dev/md1
And to erase a full hard drive like / dev / sda, you can use it
shred -vfz -n 10 /dev/sda
Please note that damage can take a long time, depending on the size of your partition / hard drive and the number of turns (-n).