Securely delete files with secure-delete

Jack Wallen
Aug 26, 2010
Updated • Dec 28, 2012
Linux
|
3

There are times when you need to delete a file...REALLY need to delete a file. Anyone who has been in the business of PCs long enough knows that when you simply delete a file it can be recovered. If someone is clever enough, and has the means, they could recover a file that had been written over even by re-installing an OS over the original file.

So...when you know you have to get rid of a file, so that it can never be recovered, what do you do? Well, in Linux you have a number of options. One of those options is secure-delete. This tool is quite handy in that it can securely remove files, folders, and even securely clean free space on your drive. In this article I am going to show you how to install and use secure-delete.

Installation

Installation of secure-delete is easy. Since this tool is a command-line only tool, I will show you how to install it from the command line. Here are the steps.

  1. Open up a terminal window.
  2. Issue the command sudo apt-get install secure-delete.
  3. Type your sudo password (that's your user password, in case you weren't aware) and hit Enter.
  4. Allow the installation to complete.

You now have secure-delete installed on your machine and ready to start trashing those files and folders.

Deleting a file

Let's say you have a file in your home directory (~/) called secret_stuff.txt. To delete this with secure-delete you would use the srm command (secure remove). To do that you would issue the command like so:

srm ~/secret_stuff.txt

That file is now VERY gone. Don't expect the removal of he file to be as fast as it would with the rm command. Why does it take longer? When you issue the srm command on a file, secure-delete does the following:

  1. 1 Pass with 0xff.
  2. 5 Random passes.
  3. 27 Passes with special values defined by Peter Gutmann (a leading cryptographer).
  4. Rename the file to random value.
  5. Truncate the new file.

Between each pass the file is also opened by O_SYNC mode and then an fsync() call is made.

Deleting a folder

Deleting a folder is as simple as deleting a file. Let's say you have the folder ~/secret_stuff that needs to be deleted for good. To do this with srm you would use the -r (recursive) switch like so:

srm -r ~/secret_stuff

Depending upon the size and the amount of the directory contents, the deletion will take some time.

Clearing free space

If you have installed and re-installed OSes on your computer, you could very easily have residual files remaining in the free space of your current installation. You can ensure that space is free of any traces of files or folders with the command sfill. There are two things about this command you need to know: You have to have admin rights (so you have to use sudo) and you have to know the mount point of the free space. This command is very slow, so make sure you give it plenty of time to run. Let's say you have a drive attached to your machine that has been used a number of times and is mounted to /media/external. To completely clean out  the free space on this drive you would issue the command:

sudo sfill /media/external

After some time the free space on that particular drive would be completely free of any trace of directories or files.

Final thoughts

Using the secure-delete tools is a sure-fire way to permanently and irrevocably remove data from a drive. This tool is so powerful even forensics teams would have trouble extracting data from the drive. Just make sure you use this tool with caution, so you do not securely delete files you actually want to keep!

Advertisement

Previous Post: «
Next Post: «

Comments

  1. FL said on August 26, 2010 at 11:35 pm
    Reply

    You can use Bleachbit, which also has a function to securely erase (overwrite) individual files and those inside a folder/directory.

    Portable version:
    http://portablelinuxapps.org/
    and of course:
    http://bleachbit.sourceforge.net/

    I am not a fan if the cryptic command line techniques, impractical and too complex to remember and therefore unusable. I have found it handy to be able to have a secure-delete function accessible by highlighting the specific file and doing a mouse right click and hey presto it be gone.

    An example:
    Tools to delete files securely in ubuntu Linux
    http://www.ubuntugeek.com/tools-to-delete-files-securely-in-ubuntu-linux.html

    1. Abe said on August 31, 2019 at 6:59 am
      Reply

      Not a fan of cryptic command line techniques? Maybe linux distros aren’t right for you!

Leave a Reply

Check the box to consent to your data being stored in line with the guidelines set out in our privacy policy

We love comments and welcome thoughtful and civilized discussion. Rudeness and personal attacks will not be tolerated. Please stay on-topic.
Please note that your comment may not appear immediately after you post it.