There are times when you need to delete a file...REALLY need to delete a file. Anyone who has been in the business of PCs long enough knows that when you simply delete a file it can be recovered. If someone is clever enough, and has the means, they could recover a file that had been written over even by re-installing an OS over the original file.
So...when you know you have to get rid of a file, so that it can never be recovered, what do you do? Well, in Linux you have a number of options. One of those options is secure-delete. This tool is quite handy in that it can securely remove files, folders, and even securely clean free space on your drive. In this article I am going to show you how to install and use secure-delete.
Installation of secure-delete is easy. Since this tool is a command-line only tool, I will show you how to install it from the command line. Here are the steps.
- Open up a terminal window.
- Issue the command
sudo apt-get install secure-delete.
- Type your sudo password (that's your user password, in case you weren't aware) and hit Enter.
- Allow the installation to complete.
You now have secure-delete installed on your machine and ready to start trashing those files and folders.
Deleting a file
Let's say you have a file in your home directory (~/) called secret_stuff.txt. To delete this with secure-delete you would use the srm command (secure remove). To do that you would issue the command like so:
That file is now VERY gone. Don't expect the removal of he file to be as fast as it would with the rm command. Why does it take longer? When you issue the srm command on a file, secure-delete does the following:
- 1 Pass with 0xff.
- 5 Random passes.
- 27 Passes with special values defined by Peter Gutmann (a leading cryptographer).
- Rename the file to random value.
- Truncate the new file.
Between each pass the file is also opened by O_SYNC mode and then an fsync() call is made.
Deleting a folder
Deleting a folder is as simple as deleting a file. Let's say you have the folder ~/secret_stuff that needs to be deleted for good. To do this with srm you would use the -r (recursive) switch like so:
srm -r ~/secret_stuff
Depending upon the size and the amount of the directory contents, the deletion will take some time.
Clearing free space
If you have installed and re-installed OSes on your computer, you could very easily have residual files remaining in the free space of your current installation. You can ensure that space is free of any traces of files or folders with the command sfill. There are two things about this command you need to know: You have to have admin rights (so you have to use sudo) and you have to know the mount point of the free space. This command is very slow, so make sure you give it plenty of time to run. Let's say you have a drive attached to your machine that has been used a number of times and is mounted to /media/external. To completely clean out the free space on this drive you would issue the command:
sudo sfill /media/external
After some time the free space on that particular drive would be completely free of any trace of directories or files.
Using the secure-delete tools is a sure-fire way to permanently and irrevocably remove data from a drive. This tool is so powerful even forensics teams would have trouble extracting data from the drive. Just make sure you use this tool with caution, so you do not securely delete files you actually want to keep!