Shred tip: Securely remove multiple files so no one can recover file again

Shred utility overwrites a file to hide its contents, and optionally delete it if needed. The idea is pretty simple as it overwrites the specified FILE(s) repeatedly, in order to make it harder for even very expensive hardware probing to recover the data. By default file is overwritten 25 times. I’ve seen cases where law enforcement agencies had successfully recovered data from 5 year old *not so* working hard disk as evidence. Also when you move your rented server you should consider running file shredding; otherwise new owner can get data including passwords.


Shred a single file

Securely delete a file called /home/vivek/login.txt:
$ shred -u ~/login.txt

You can add a final overwrite with zeros to hide shredding:
$ shred -u -x ~/login.txt


  • -u : Remove file after overwriting
  • -x : Add a zero to hide shredding
  • -n NUM : Overwrite NUM times instead of the default 25

Shred a multiple files

Let us say you have 100 subdirectories and just wanted to get rid of all files:
$ find -t f . -exec shred -u '{}' \;

If you have 1000s of files consider a running job in background using nohup – (execute commands after you exit from a shell prompt over ssh session):
$ nohup find -t f /var/www/ -exec shred -n30 -u '{}' \; &

Shred drawbacks

  • Shred doesn’t go well with log-structured or journaled file systems, such as JFS, ReiserFS, XFS, Ext3, etc.
  • Compressed file systems
  • RAID-based file systems
  • NETApps (Network Appliance’s) NFS server

So how do I wipe on journaling file systems?

There is no simple solution. I’ve tried different techniques.

You can store sensitive data on ext2 or fat32 file system and easily delete files. According to shred man page:

In the case of ext3 file systems, the above disclaimer applies (and shred is thus of limited effectiveness) only in data=journal mode, which journals file data in addition to just metadata. In both the data=ordered (default) and data=writeback modes, shred works as usual. Ext3 journaling modes can be changed by adding the data=something option to the mount options for a particular file system in the /etc/fstab file, as documented in the mount man page (man mount).

Someone suggested to use disk encryption to store data that needs to be wiped.

Run shred on entire partition:
# shred -n 30 -vz /dev/hdb2

On remote computer, use nohup:
# nohup shred -n 30 -vz /dev/sdb1 &

shred: /dev/sdb1: pass 1/26 (random)...
shred: /dev/sdb1: pass 1/26 (random)...1013MiB/234GiB 0%
shred: /dev/sdb1: pass 1/26 (random)...1014MiB/234GiB 0%
shred: /dev/sdb1: pass 1/26 (random)...1.9GiB/234GiB 0%
shred: /dev/sdb1: pass 1/26 (random)...2.0GiB/234GiB 0%
shred: /dev/sdb1: pass 1/26 (random)...3.0GiB/234GiB 1%
shred: /dev/sdb1: pass 1/26 (random)...3.1GiB/234GiB 1%
shred: /dev/sdb1: pass 1/26 (random)...4.0GiB/234GiB 1%
shred: /dev/sdb1: pass 1/26 (random)...4.1GiB/234GiB 1%
shred: /dev/sdb1: pass 1/26 (random)...5.0GiB/234GiB 2%
shred: /dev/sdb1: pass 1/26 (random)...5.1GiB/234GiB 2%
shred: /dev/sdb1: pass 1/26 (random)...6.1GiB/234GiB 2%

And finally you can always destroy hard disk physically, perhaps through a hard drive in hot melting metal 😉

If you just need to securely wipes the hard disks use dban.

Do you use any other utility for file shredding or file wiping? Do you have a better solution for file wiping on journaling file systems? Please share your experience in the comments!

🐧 Get the latest tutorials on SysAdmin, Linux/Unix, Open Source & DevOps topics via:
CategoryList of Unix and Linux commands
File Managementcat
FirewallCentOS 8 OpenSUSE RHEL 8 Ubuntu 16.04 Ubuntu 18.04 Ubuntu 20.04
Network Utilitiesdig host ip nmap
OpenVPNCentOS 7 CentOS 8 Debian 10 Debian 8/9 Ubuntu 18.04 Ubuntu 20.04
Package Managerapk apt
Processes Managementbg chroot cron disown fg jobs killall kill pidof pstree pwdx time
Searchinggrep whereis which
User Informationgroups id lastcomm last lid/libuser-lid logname members users whoami who w
WireGuard VPNCentOS 8 Debian 10 Firewall Ubuntu 20.04

4 comments… add one
  • Binny V A Jul 18, 2007 @ 6:40

    I don’t have much stuff to shred – but I am sure this will come in handy someday.

    Do you know how to recover deleted files on ext3 and other file systems? There are many times I when I have deleted a file by mistake. I will really appreciate a post on that topic.

  • 🐧 nixCraft Jul 18, 2007 @ 12:38

    Backup is the best defense but I will address your issue later on.

  • n.cristian Jan 3, 2009 @ 0:17

    -x : Add a zero to hide shredding

    Well, according to man, -z it’s used to overwrite with zeros, not -x. You should correct that typo mistake 😉

  • felipe1982 May 26, 2011 @ 2:09

    -z — overwrite with zeros

Leave a Reply

Your email address will not be published. Required fields are marked *

Use HTML <pre>...</pre>, <code>...</code> and <kbd>...</kbd> for code samples.