Delete files securely on Linux – Journaled file systems

By
JR
Published: December 18, 2009Last Updated: January 22, 2010Posted in: Linux

terminal-logo-small Few days ago I write about shred, which work fine for old systems, like EXT2, but not so nice with journaled file systems. Modern file systems need something more robust, like dd and srm (a secure replacement for rm). Unlike the standard rm, srm overwrites and rename the files before unlinking them. This makes it very hard to recovery of the data.

Create test file:

echo "secure content" > /tmp/secure.txt

dd and srm command usage

Fill free space with zeroes (Use very carefully):

dd if=/dev/zero of=/tmp/secure.txt

Write buffered data from the memory out to disk

sync

Delete file with srm:

# Basic example
srm /tmp/secure.txt
 
# US Dod compliant 7-pass overwrite.
srm -D /tmp/secure.txt
 
# US DoE compliant 3-pass overwrite. 
# Twice with a random pattern, finally with the bytes "DoE". 
# See http://cio.energy.gov/CS-11_Clearing_and_Media_Sanitization_Guidance.pdf for details.
srm -E /tmp/secure.txt
 
# OpenBSD  compatible rm. Files are overwritten three times, first with the byte pattern 
# 0xff, then 0x00, and then 0xff again, before they are deleted. 
# Files with multiple links will be unlinked but not overwritten.
srm -P /tmp/secure.txt

Delete directory:

srm -r /tmp/secure-directory

Write buffered data from the memory out to disk

sync

Conclusion of commands

# Create
echo "secure content" > /tmp/secure.txt
 
# Remove
dd if=/dev/zero of=/tmp/secure.txt
sync
srm -D /tmp/secure.txt
sync

More info about options with commands:

man dd
man srm

Related posts:

  1. Delete files permanently with shred command in Linux – Remove absolutely Sometimes need to delete files whose contents should disappear absolutely, completely and safely. Linux command rm just remove file and...
  2. Linux Tip: Create and Append to Temporary File Without Editor This is a very typical case, the need to create a temp file on the command line quickly. Opening editor,...
  3. Linux Tip: How to handle a files with a dash as first character from command line Sometimes you maybe have to handle files with a dash (-) as first character from Linux command line. It can...
  4. SVN Remove Added File From Repository and Keep Local File – Subversion This is quick SVN (Subversion) tip, howto remove added file from SVN repository without deleting file from local filesystem. Remove...
  5. Linux locate command: Find Files and Directories Quickly and Efficiently This is quick guide howto find files and directories quick and efficiently on Linux with locate command. Linux find command...
Tags: , , , , , ,

About the Author

Hi, I'm JR and the Founder of if not true then false. I am a software developer, and I have over ten years experience in programming. I'm big fan of Linux and Open Source. And normally I use just Linux environments.

Like If (!1) 0 on Facebook: