Recently we had lot of discussion regarding this issue. How to remove files securely so that it cannot be undeleted. Peter Gutmann paper “Secure Deletion of Data from Magnetic and Solid-State Memory” has very good information. Here are some commands/tools available under Debian GNU/Linux (it should work with other Linux distributions) to delete file securely.
srm: Securely remove files or directories
This command is a replacement for rm command. It works under Linux/BSD/UNIX-like OSes. It removes each specified file by overwriting, renaming, and truncating it before unlinking. This prevents other people from undelete or recovering any information about the file from the command line. Because it does lots of operation on file/directory for secure deletion, it also takes lot of time to remove it. Download srm from http://sourceforge.net/projects/srm (RPM file is also available for RPM based Linux distributions)
i) Untar and install the srm:
# ./configure # make # make install
ii) How to use srm?
srm syntax is like rm command. Read man srm. Here is simple example:
$ srm privateinfo.doc
wipe: It is a secure file wiping utility
Download wipe from http://wipe.sourceforge.net/
i) Untar and install the wipe
# ./configure # make # make install
ii) How to use wipe?
$ wipe filename
Read man page of wipe for information.
shred: Delete a file securely, first overwriting it to hide its contents.
It is available on most of Linux distributions including Debian GNU/Linux. To remove file called personalinfo.tar.gz :
$ shred -n 200 -z -u personalinfo.tar.gz
Where,
- -n: Overwrite N (200) times instead of the default (25)
- -z: Add a final overwrite with zeros to hide shreddin
- -u: Truncate and remove file after overwriting
Read the man page of shred(1) for more information. Most of these utilities are not effective (read as useless) only if :
- File system is log-structured or journaled filesystems, such as JFS, ReiserFS, XFS, Ext3 etc
- Your filesystems is RAID-based, compressed filesystem etc
- In addition, file system backups and remote mirrors may contain copies of the file that cannot be removed by these utilities.
See also:
- Delete (remove) files with inode number – to remove special character filename
🐧 Get the latest tutorials on SysAdmin, Linux/Unix, Open Source & DevOps topics via:
- RSS feed or Weekly email newsletter
- Share on Twitter • Facebook • 7 comments... add one ↓
Shred tip: Securely remove multiple files so no one can recover file again
40 Linux Server Hardening Security Tips [2019 edition]
30 Best Sources For Linux / *BSD / Unix Documentation On the Web
Linux 25 PHP Security Best Practices For Sys Admins
30 Linux System Monitoring Tools Every SysAdmin Should Know
Linux Rename Multiple Files At a Shell Prompt
21 Examples To Make Sure Unix / Linux Configuration Files Are Free From Syntax Errors
| Category | List of Unix and Linux commands |
|---|---|
| File Management | cat |
| Firewall | Alpine Awall • CentOS 8 • OpenSUSE • RHEL 8 • Ubuntu 16.04 • Ubuntu 18.04 • Ubuntu 20.04 |
| Network Utilities | dig • host • ip • nmap |
| OpenVPN | CentOS 7 • CentOS 8 • Debian 10 • Debian 8/9 • Ubuntu 18.04 • Ubuntu 20.04 |
| Package Manager | apk • apt |
| Processes Management | bg • chroot • cron • disown • fg • jobs • killall • kill • pidof • pstree • pwdx • time |
| Searching | grep • whereis • which |
| User Information | groups • id • lastcomm • last • lid/libuser-lid • logname • members • users • whoami • who • w |
| WireGuard VPN | Alpine • CentOS 8 • Debian 10 • Firewall • Ubuntu 20.04 |
That’s cool!
…but how to delete a file called ‘/’ ?
…one that’s accidentally been created with vi? Anybody know?
Which OS are you on? Most unix filesystems consider the
and
@ Anonymous: try escaping it with a backslash
@ Anonymous
Read this
http://www.cyberciti.biz/tips/delete-remove-files-with-inode-number.html
>but how to delete a file called ‘/’ ?
>one that’s accidentally been created with vi? Anybody know?
$> rm — /
That is backslash-forward slash (not a “Vee”)
this is very good site
HOW TO DELETE THE ARCH FILE FROM THE NUMBER OF FILES AND HOW TO RECOVER THOSE FILE IF REQUIRED OR IN CASE OF ANY MISTAKE?