From Glee
Jump to: navigation, search


If you've ever wondered what the best way to properly dispose of old storage, no need to look for dd tricks with /dev/random content. The solution is included in coreutils : /usr/bin/shred.

The command operates on files or block devices, and overwrites the data 25 times by default, which is enough to make it virtually unrecoverable. This is perfect for decommissioned hardware, such as servers or external storage devices, in order to ensure no potentially confidential data remains recoverable.

RHEL5 help output

Usage: shred [OPTIONS] FILE [...]
Overwrite the specified FILE(s) repeatedly, in order to make it harder
for even very expensive hardware probing to recover the data.

Mandatory arguments to long options are mandatory for short options too.
  -f, --force    change permissions to allow writing if necessary
  -n, --iterations=N  Overwrite N times instead of the default (25)
  -s, --size=N   shred this many bytes (suffixes like K, M, G accepted)
  -u, --remove   truncate and remove file after overwriting
  -v, --verbose  show progress
  -x, --exact    do not round file sizes up to the next full block;
                   this is the default for non-regular files
  -z, --zero     add a final overwrite with zeros to hide shredding
  -              shred standard output
      --help     display this help and exit
      --version  output version information and exit

Delete FILE(s) if --remove (-u) is specified.  The default is not to remove
the files because it is common to operate on device files like /dev/hda,
and those files usually should not be removed.  When operating on regular
files, most people use the --remove option.

CAUTION: Note that shred relies on a very important assumption:
that the filesystem overwrites data in place.  This is the traditional
way to do things, but many modern filesystem designs do not satisfy this
assumption.  The following are examples of filesystems on which shred is
not effective:

* log-structured or journaled filesystems, such as those supplied with
  AIX and Solaris (and JFS, ReiserFS, XFS, Ext3, etc.)

* filesystems that write redundant data and carry on even if some writes
  fail, such as RAID-based filesystems

* filesystems that make snapshots, such as Network Appliance's NFS server

* filesystems that cache in temporary locations, such as NFS
  version 3 clients

* compressed filesystems

In addition, file system backups and remote mirrors may contain copies
of the file that cannot be removed, and that will allow a shredded file
to be recovered later.

Report bugs to <>.


  • Dispose of a logical volume :
shred -v /dev/vg0/lvname
lvremove /dev/vg0/lvname
  • Dispose of an entire emptied physical volume, 5 pass instead of the default 25 then fill with zeroes :
pvremove /dev/sdb1
shred -v -n 5 -z /dev/sdb1
  • Dispose of a Xen domU image file, remove it when finished :
shred -v -u /var/lib/xen/images/vm1.img
  • Dispose of an entire machine's content by booting off the install CD/DVD in rescue mode :
shred -v /dev/sda