These days security and anonymity concerns are forcing even average computer users to put extra thought on how they store and delete their data. Just deleting a file with a right-click or using the rm command isn’t sufficient for sensitive data. When you delete a file using these normal methods the data is not destroyed. These methods are simply removing the reference to the file on the disk. They are basically telling the operating system to ignore them. However, the deleted information still resides on the disk and can be easily recovered using widely available software.

Enter the shred command. This simple tool is part of the GNU Core Utilities package and is available on almost any Linux and UNIX system. The shred command overwrites the target file repeatedly to make it extremely difficult or impossible to be recovered. The shred command can be used to overwrite single files, multiple files, partitions, and even an entire disk.

In this article we will show you the basic usage of the shred command along with some useful command-line options.

NOTE: The shred command does have it’s limitations and only overwrites the data in place. Depending on the system configuration, there could be other copies of the data. Before you use this be sure you understand these limitations and how to account for them. You can find more information in the resources section at the end of this article.

Basic Syntax of Shred Command

Here is the basic syntax of the shred command:

$ shred option <file_or_device>

The “device” can be any partition or disk.

Using the Shred Command

Using the shred command without any command-line options overwrites the files repeatedly, which is three times by default. Here we will show an example of what the shred command does by creating a sample file and then overwriting it using shred.

Let’s create a sample file and add some text in it.

[[email protected] ~]$ echo “this is sample text” > sample.txt 

After creating the file, note its size using the ls command. It will be used later for comparing it against with the size of the overwritten file.

[[email protected] ~]$ cat sample.txt 
“this is sample text”
[[email protected] ~]$ ls -l sample.txt 
-rw-rw-r--. 1 mcherisi mcherisi 26 Jul 18 08:25 sample.txt

Now we will use the shred command so that it overwrites the file and make it unusable. To do so, simply type shred followed by the file name as follows:

[[email protected] ~]$ shred sample.txt

The shred command will overwrite this file three times. If you view this file with the cat command, you will see only garbage like this:

Now again view the file size. You will see the size of the file has changed now.

[[email protected] ~]$ ls -l sample.txt 
-rw-rw-r--. 1 mcherisi mcherisi 4096 Jul 18 08:30 sample.txt

The reason for the increase in disk size is because shred now fills a whole disk block (our file was smaller than the default block size). The size now matched the block size of the disk.

[[email protected] ~]$ sudo blockdev --getbsz /dev/sda1
4096

NOTE: The default behavior of shred is to round the file size up to the full block. You can override this behavior using the --exact or -x options.

[[email protected] ~]$ echo “this is sample text” > sample.txt 

[[email protected] ~]$ ls -l sample.txt 
-rw-rw-r--. 1 mcherisi mcherisi 26 Jul 18 08:57 sample.txt

[[email protected] ~]$ shred -x sample.txt 

[[email protected] ~]$ ls -l sample.txt 
-rw-rw-r--. 1 mcherisi mcherisi 26 Jul 18 08:57 sample.txt

[[email protected] ~]$ cat sample.txt 
��נ��L5��a�{�����_���[[email protected] ~]$ 

Command Line Options

The shred command provides a lot of options for expanding its usefulness. Let’s take a look at some of the options and how to use them.

Verbose Output

To see what the shred command is doing in the background, you can use the --verbose or -v option as follows:

[[email protected] ~]$ shred -v sample.txt 
shred: sample.txt: pass 1/3 (random)...
shred: sample.txt: pass 2/3 (random)...
shred: sample.txt: pass 3/3 (random)...

NOTE: Now for all the further outputs, I will use the -v (verbose) option to show you the results.

Overwrite Multiple Files

With the shred command, you can shred multiple files at once using a single command. To shred multiple files, specify the file names (separated by space) as an argument. You can also use wildcards and globbing to select specific target files, such as all files having the same extension.

[[email protected] ~]$ shred -v *.txt
shred: sample1.txt: pass 1/3 (random)...
shred: sample1.txt: pass 2/3 (random)...
shred: sample1.txt: pass 3/3 (random)...
shred: sample2.txt: pass 1/3 (random)...
shred: sample2.txt: pass 2/3 (random)...
shred: sample2.txt: pass 3/3 (random)...
shred: sample3.txt: pass 1/3 (random)...
shred: sample3.txt: pass 2/3 (random)...
shred: sample3.txt: pass 3/3 (random)...

Shred All Data on Entire Partition or Drive

Shred can also be used to overwrite partitions and even full drives. For instance, the following command will overwrite all the data on the partition /dev/sda2.  

[[email protected] ~]$ sudo shred -v /dev/sda2
shred: /dev/sda2: pass 1/3 (random)...
shred: /dev/sda2: pass 2/3 (random)...
shred: /dev/sda2: pass 3/3 (random)...

Delete File after Overwriting

By default, the shred command only overwrites the file. If you want to delete the file(s) after overwriting, you can use the --remove or -u option. Using this option will also rename the file several times before removing it for extra obscurification.

[[email protected] ~]$ shred –u -v sample.txt 
shred: sample.txt: pass 1/3 (random)...
shred: sample.txt: pass 2/3 (random)...
shred: sample.txt: pass 3/3 (random)...
shred: sample.txt: removing
shred: sample.txt: renamed to 00000000000
shred: 00000000000: renamed to 0000000000
shred: 0000000000: renamed to 000000000
shred: 000000000: renamed to 00000000
shred: 00000000: renamed to 0000000
shred: 0000000: renamed to 000000
shred: 000000: renamed to 00000
shred: 00000: renamed to 0000
shred: 0000: renamed to 000
shred: 000: renamed to 00
shred: 00: renamed to 0
shred: sample.txt: removed

Overwrite with zeros

After overwriting the file with random numbers, the shred command also allows you to do a final overwrite with zeros to hide the act of shredding. To do so, use the --zero or -z option as follows:

[[email protected] ~]$ shred -z -v sample.txt
shred: sample.txt: pass 1/4 (random)...
shred: sample.txt: pass 2/4 (random)...
shred: sample.txt: pass 3/4 (random)...
shred: sample.txt: pass 4/4 (000000)...

Overwrite n Times

By default the shred command overwrites the file three times. You can change this default behavior by changing the number of times the file is overwritten using the --iterations or -n option followed by the number of times you want to overwrite it. For instance, the following command will overwrite the sample.txt file 4 times:

[[email protected] ~]$ shred –n 4 -v sample.txt 
shred: sample.txt: pass 1/4 (random)...
shred: sample.txt: pass 2/4 (ffffff)...
shred: sample.txt: pass 3/4 (000000)...
shred: sample.txt: pass 4/4 (random)...

Overwrite Only First n Bytes

By default, the shred command overwrites the entire file. However, if you want to shred only first n bytes, you can do so using the --size or -s option followed by the number of bytes to shred. Bytes can be specified in K, M, or B to specify multiples.

For example, the following command will shred only the first 8 bytes of the specified file:

[[email protected] ~]$ shred -s8 sample.txt 
[[email protected] ~]$ cat sample.txt 
�n�ʖ���is sample text. it contains sample values.”

From the above output, you can see that the shred command has only shredded the few initial bytes. It has not altered the rest of the file.

View Help on the Command Line

You can find more helpful information regarding shred command using the --help option as follows:

$ shred --help

Conclusion

So there you have it, the basics of shred command. In this article, we have explained how to securely delete files, partitions, and disks to make it extremely hard to recover them. It is fairly a simple command and we have covered the most common options. If you have any questions or comments we would love to hear them below.

Resources and Links