
A few days ago I wrote about shred, which works fine on older file systems like EXT2 but not so well on journaled file systems. Modern file systems need something more robust, like dd and srm (a secure replacement for rm). Unlike the standard rm, srm overwrites and renames files before unlinking them, which makes the data very hard to recover.

Create test file:

echo "secure content" > /tmp/secure.txt

dd and srm command usage

Fill free space with zeroes (use very carefully: with no count given, dd keeps writing to the file until the file system is full):

dd if=/dev/zero of=/tmp/secure.txt

Write buffered data from memory out to disk:

sync

Delete file with srm:

# Basic example
srm /tmp/secure.txt

# US DoD compliant 7-pass overwrite.
srm -D /tmp/secure.txt

# US DoE compliant 3-pass overwrite. 
# Twice with a random pattern, finally with the bytes "DoE". 
# See http://cio.energy.gov/CS-11_Clearing_and_Media_Sanitization_Guidance.pdf for details.
srm -E /tmp/secure.txt

# OpenBSD compatible rm. Files are overwritten three times, first with the byte pattern 
# 0xff, then 0x00, and then 0xff again, before they are deleted. 
# Files with multiple links will be unlinked but not overwritten.
srm -P /tmp/secure.txt

Delete directory:

srm -r /tmp/secure-directory

Write buffered data from memory out to disk:

sync

Summary of commands

# Create
echo "secure content" > /tmp/secure.txt

# Remove
dd if=/dev/zero of=/tmp/secure.txt
sync
srm -D /tmp/secure.txt
sync
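
A bounded variant of the sequence above, as an added example that is not part of the original post: it overwrites only the file's own length in place (conv=notrunc) instead of filling the file system, checks that every byte is zero, then deletes. The helper names zero_in_place, is_zeroed and wipe_file are hypothetical, and the plain rm fallback when srm is not installed is an assumption.

```shell
#!/bin/sh
# Added example: bounded variant of the dd + sync + srm sequence.
# zero_in_place, is_zeroed and wipe_file are hypothetical helper names.

# Overwrite exactly the file's current length with zeroes, in place.
# conv=notrunc stops dd from truncating the file first, so the write
# targets the existing file instead of growing until the disk is full.
zero_in_place() {
    f=$1
    [ -f "$f" ] && [ ! -L "$f" ] || { echo "not a regular file: $f" >&2; return 1; }
    size=$(wc -c < "$f" | tr -d ' ')
    [ "$size" -gt 0 ] || return 0
    head -c "$size" /dev/zero | dd of="$f" conv=notrunc 2>/dev/null || return 1
    sync
}

# Return 0 only if every byte of the file is 0x00.
is_zeroed() {
    left=$(tr -d '\000' < "$1" | wc -c | tr -d ' ')
    [ "$left" -eq 0 ]
}

# Zero, verify, then delete. Uses srm -D when srm is installed;
# the plain rm fallback is an assumption so the script runs without srm.
wipe_file() {
    zero_in_place "$1" || return 1
    is_zeroed "$1" || { echo "overwrite check failed: $1" >&2; return 1; }
    if command -v srm >/dev/null 2>&1; then
        srm -D "$1"
    else
        rm -f -- "$1"
    fi
    sync
}

# Constructed demo file, same content as the test file in the post.
demo=$(mktemp)
echo "secure content" > "$demo"
wipe_file "$demo" && echo "wiped $demo"
```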

More info about options with commands:

man dd
man srm