Posted on September 13, 2023 by nexonhost
How To Use Shred Command.
Deleting a file in Linux or any other operating system does not actually remove the file from the hard drive. The operating system deletes the pointers to the file and marks the occupied space as ready to be written to, while the actual data remains.
A deleted file can be recovered until it is overwritten by other data. The shred command prevents the recovery of deleted files in Linux by overwriting the deleted file with random data.
Linux shred Command Syntax
The basic shred command syntax is:
shred [options] [filename]
Options – Specifies the number of overwrites, file size, output, etc.
File – The name of the file you want to shred.
List of common shred command options:
Option: | Description: |
-n | Specifies the number of overwrites. |
-u | Overwrite and delete. |
-s | Amount of bytes to shred. |
-v | Show extended information. |
-f | Force shred command. |
-z | Hide shredding. |
–version | shred version information. |
–help | Display help. |
How to Use shred Command in Linux
The shred command is a part of the coreutils package, which comes with Linux out of the box.
Shredding is done by running the shred command in the terminal and adding flag options to customize the process or output. Shred options can be combined.
The shred command conducts a series of overwrite tasks which destroy the data on the disk and significantly reduce the chance for data recovery. Files are not removed after shredding by default because it is common to operate on entire device files like /dev/hda. Users can specify if they want to remove the file as well.
Overwrite a File
The basic function of the shred command is to overwrite a file several times to destroy the data. To shred a file, use the following syntax:
shred [filename]
Replace [filename] with the exact name of the file. If there is a space in the file name, put quotation marks around the file name.
Designate Number of Times to Overwrite a File
The -n option allows users to specify how many times the file is overwritten.
Use the following syntax:
shred -n [number] [filename]
Overwrite and Delete a File
Use the -u option to overwrite and then delete a file:
shred -u [filename]
Selectively Overwrite Bytes of Text
The -s option allows you to overwrite a specific portion of a file expressed in bytes. Suffixes like K-kilobytes, M-megabytes, and G-gigabytes are also accepted.
The syntax is:
shred -s [number_of_bytes] [filename]
Run shred With Verbose Mode
Verbose mode refers to displaying extended information. Specifically, run the shred command with the -v option to see how many times a file is overwritten.
The syntax is:
shred -v [filename]
Change Permissions to Allow Writing if Necessary
The -f option allows access to files by changing file permissions if necessary.
Follow this format:
shred -f [filename]
Hide Shredding
Use the -z option to shred a file and overwrite it with zeros to hide shredding from the file system.
The syntax is:
shred -z [filename]
Display shred Basic Details and Version
To check copyright and license details and the shred version installed, run:
shred --version
Display Help
To view all shred command options, app information, and caution notes, run:
shred --help
Important Considerations When Using the shred Command
The shred command revolves around the assumption that the data is overwritten in place. Some file systems and hardware do not follow that rule but instead journal the changes or move the data around for wear-leveling.
Therefore, shred is ineffective for:
Log-structured or journaled file systems, such as those supplied on AIX and Solaris (and JFS, ReiserFS, XFS, and Ext3).
RAID-based file systems and systems that write redundant data and carry on even in case of write failure.
File systems that support creating snapshots (cloning), such as network appliance’s NFS server.
File systems that cache in temporary locations, such as NFS version 3 clients.
Compressed file systems.
shred is a bad option for erasing an SSD. Overwriting specific data blocks on SSDs is not possible due to wear-leveling. In other words, shred does not necessarily overwrite the same physical memory cells.
Conclusion
You now know how to use the shred command in Linux to permanently erase files from a file system. This tutorial showed how to use different options to customize the shredding process and delete a file.