When you delete a file on your computer, the system clears the blocks in your storage by removing the reference to the file. The file doesn't disappear suddenly and is still accessible using advanced software, which might not be what you want.
Anyone with a file recovery tool can extract those deleted files from your storage and view their content. But what if you don't want this to happen? And what's the best possible way to delete files on Linux so that no one can ever recover them?
Here's when the shred utility comes into play. This article will discuss the shred command in detail, its limitations, and how to use it to securely delete files on Linux.
What Is shred and How Does It Work?
Shred is a command-line utility that overwrites the content of a file multiple times with random data to make it unrecoverable. It also allows you to delete the file after overwriting its data.
"Why does it overwrite the file content?", you might ask. Let's understand it with an example. Consider that you need to hide or "delete" the content written on a sheet of paper. Sure, you can crumple it up and throw it in the trash can. But anyone can take the crumpled ball of paper, straighten it up, and read the content.
On the other hand, a paper shredder cuts the sheet of paper into thin strips or pieces, making it almost impossible for anyone to revert the process and view the content.
This is exactly how the shred command works in Linux. It overwrites the content of a file multiple times with strings of zeroes, making it impossible for anyone to view the original content. And after that, it can safely remove the file from your system storage if you want.
When Not to Use shred
Beware that shred doesn't work efficiently in all situations. According to the shred man page, the utility is not effective when used on certain file systems. And these are:
- Log-structured or journaled file systems (ext3, XFS, and JFS).
- RAID-based file systems.
- File systems that store snapshots.
- File systems that store cache.
- Compressed file systems.
The shred man page also states that the command doesn't work with ext3 only if it's in journal mode. However, in the data=writeback and data=ordered mode, the tool works like a charm.
Also, you shouldn't use the shred utility on SSDs as the additional erase and write process can damage your storage.
How to Use the shred Command
With shred, you can either choose to overwrite and delete a file or simply overwrite the file without removing it.
Basic Syntax
The basic syntax of the command is:
shred options filename
...where options are the various flags used to invoke the methods of the command and filename is the absolute or relative path to the file that you want to work on.
Delete a File Permanently
To permanently delete a file using shred, use the -uvz flag with the default command.
- u: Deletes the file from the storage
- v: Displays the output in verbose mode
- z: Overwrites the file with zeroes
shred -uvz textfile.txt
By default, shred overwrites the file four times. In the first three passes, it overwrites the file content with random data. In the last pass, because of the -z flag, it overwrites the data with zeroes. Shred also overwrites the inode to remove any metadata associated with the file.
Output:
Overwrite a File With Zeroes
To simply overwrite a file with zeroes without deleting it from your system, remove the -u flag from the previous command.
shred -vz textfile.txt
Output:
Set the Number of Overwrites
As mentioned above, shred overwrites the data in the file four times. If you want to specify a particular number of overwrites, you can do so using the -n or --iterations flag.
However, note that shred will always add one more pass to the number you specify. Therefore, to overwrite the file six times, pass the number five in the command:
shred -uvz -n 5 textfile.txt
shred -uvz --iterations 5 textfile.txt
Overwriting the files three times is more than enough to ensure that no one can recover the data. Anything above that simply takes more time without having any significant effect.
Delete Multiple Files Using shred
To delete multiple files, simply pass the name of the files separated with the Space character.
shred -uvz file1.txt file2.txt file3.txt
If you have a directory that contains similar types of files, you can use wildcard characters like the asterisk (*) to delete or overwrite files. For example, to delete all the TXT files in your current working directory:
shred -uvz *.txt
Shred a Part of the File
Using shred, you can also render a file corrupt by shredding the starting bytes of a file. For example, you can overwrite or remove the starting 1KB of the file. To do so, the -s or --size flag is what you need.
While you will be able to display a text file even after shredding it partially, package files or executables won't run after issuing the command.
shred -vz -s 1K textfile.txt
shred -vz --size 1K textfile.txt
The original text file:
Executing the command:
The text file after issuing the command:
Shred accepts the following three suffixes in the command:
- K: Kilobytes
- M: Megabytes
- G: Gigabytes
Get Command-Line Help
While the shred command doesn't have a lot of methods and options that you need to memorize, sometimes you might want to access the command man page for reference.
The --help flag displays the shred man page:
shred --help
Output:
Remove Files Permanently on Linux
Linux provides you with an easy way to remove files and folders from your storage. But that's not completely secure. It only takes a few clicks to access these deleted files using data recovery software.
If you use a public computer and don't want someone to view your files and folders, you can choose to hide them instead. It's a much better way to prevent someone from viewing your personal data on Linux.