As a general disclaimer: Use this information at your own risk, and don’t blame me if you screw everything up.

I posted recently in wipe your… about secure document deletion.  Until today, I hadn’t tried any of the methods mentioned in that post for securely deleting individual files.  So, since I needed to securely delete some files, I finally gave it a go.  I used shred to delete some files.

To delete an individual file, try this command:

shred -uzv -n 1 [filename]

The options are as follows:

  • -u dictates removal of the file after the command finishes (although, I’m not sure why you wouldn’t want to remove a file after you have shredded it)
  • -n followed by a number, dictates the number of passes (without this option, shred defaults to 25 passes)
  • -v dictates a verbose output
  • -z dictates a final pass (beyond the passes indicated with -n) of all zeros

I use just one pass, but lots of people cling to the belief that magnetic moments can be recovered if not sufficiently overwritten. After reading Overwriting Hard Drive Data: The Great Wiping Controversy, however, I gave up the notion of needing multiple passes. I use the -n 1 option to overwrite the data with a random string and then follow it up with the -z option to essentially cover shred‘s tracks and make the drive space read like it had never been written to.

While the command above worked really well for deleting individual files (or even multiple files within a directory by using the star wild card “*” for the filename) it made for slow work drilling down through a very intricate directory structure to shred all the files in a given directory. Unfortunately (or perhaps fortunately) shred doesn’t have a recursive option.

So I had to get creative. I tried using find and piping the results to xargs shred, but I quickly discovered that xargs doesn’t have a convenient way of dealing with spaces in file names, (and I had lots of those). So I went one step further and used the following command:

find [top-directory] -type f | sed 's/ /\\ /g' | xargs shred -zu -n 1

The find command pipes the stream to sed which replaces all of the spaces with escaped spaces and then pipes that output to xargs shred.  After you have recursively deleted all of the files in your directory using the above command, you can then remove the folders recursively with this command:

rm -rf [top-directory]

The -r option makes rm (short for “remove”) run recursively, and the -f option forces it to delete everything without prompting you.

WARNING: these are very dangerous commands.  Just like I mentioned in wipe your…, use these commands at your own risk.  They result in permanent deletion of the files and directories in question.  Once you have run these commands, there is no going back.

Advertisements