How to Use the Linux Command shred and 4 Options

by

In this post, we will explore how to use the Linux command shred, its key options, and some useful tips for its application. Deleting files in a Linux environment is a common task. However, simply deleting a file does not mean its contents are completely gone. Deleted files can leave traces on the file system, making them recoverable with data recovery tools. To prevent this issue, the shred command is used.

What is the Linux Command shred?

The shred command not only deletes a file but also overwrites the data multiple times to make recovery impossible. This process involves overwriting the file contents with random data several times before deleting the file or just overwriting it.

Basic Usage of the shred Command

The most basic usage of the shred command is as follows:

shred filename
ShellScript

This command overwrites the specified file’s data multiple times but leaves the file intact. Since the file is not deleted, the shred command alone may not completely remove traces of the file. Additional commands may be needed to delete the file afterward.

Figure 1. Linux command shred: Executing and overwriting file contents
Figure 1. Linux command shred: Executing and overwriting file contents

Key Options of the shred Command

-n or --iterations Option

This option specifies the number of times the file should be overwritten. By default, shred overwrites the file three times, but this can be adjusted using the -n option.

shred -n 5 filename
ShellScript

The above command overwrites the file five times. The more times the file is overwritten, the harder it becomes to recover.

-z or --zero Option: Fill with Zeroes

After overwriting the file, this option fills it with zeroes to further obscure the file’s contents. Even if the file has been overwritten with random data, filling it with zeroes ensures that anyone inspecting the file will not realize it has been overwritten.

shred -z filename
ShellScript

Although the file size is 4096 bytes, using the cat command to view its contents will show nothing.

Figure 2. Linux command shred: Filling file contents with zeroes
Figure 2. Linux command shred: Filling file contents with zeroes

To further verify, you can use the xxd command to examine the file contents in hexadecimal form, confirming that everything is filled with zeroes.

Figure 3. Linux command shred: Verifying zero-filled file contents using the xxd command
Figure 3. Linux command shred: Verifying zero-filled file contents using the xxd command

-u or --remove Option

This option deletes the file after it has been overwritten. It is commonly used and is useful when you want to completely remove a file.

shred -u filename
ShellScript

Using this command will automatically delete the file after it has been overwritten, further reducing the possibility of recovering the file from the file system.

-v or --verbose Option

This option outputs the process to the screen, allowing you to monitor the current progress. It is useful when you want to see how the file is being overwritten multiple times.

shred -v filename
ShellScript

In the image below, you can see that the file is first filled with random values, then all values are set to 1, followed by random values again, then all zeroes, and finally random values once more.

Figure 4. Linux command shred: Checking the order and process of filling file contents
Figure 4. Linux command shred: Checking the order and process of filling file contents

Precautions When Using shred

There are several things to be cautious of when using the shred command.

  1. File System Types: The shred command may not work consistently across all file systems. For example, in journaling file systems or certain disks like SSDs, the effectiveness of overwriting may be reduced because the file may not be stored in the same physical location. In such cases, additional security measures should be considered.
  2. File Size: Overwriting large files can take a significant amount of time. Since the time taken increases with the file size and the number of overwrites, it may be necessary to adjust the number of overwrites if time is a concern.
  3. Deleting Directories: The shred command cannot delete directories themselves. You need to delete individual files within a directory. To delete all files in a directory at once, you can use a script or apply the command to all files in the directory.

Useful Applications

Use in Automated Scripts

The Linux command shred can be included in automated scripts to periodically delete sensitive data. For instance, you can create a script to securely delete log files or temporary files regularly, reducing the risk of data leakage.

Preventing Data Recovery

When deleting important project files or customer information, you can use the shred command to thoroughly prevent recovery. This plays a crucial role in enhancing security within the company.

Managing External Disks

When you want to completely erase and reuse data on external hard drives or USB drives, using the shred command ensures that the data is securely deleted. This is especially important when drives are sent out externally, as it is crucial to ensure that critical data is properly deleted.

Summary

The Linux command shred provides more than just a simple deletion function in a Linux environment. By overwriting data, it minimizes the possibility of file recovery, and by using the appropriate options, you can securely manage data according to various situations. However, since not all file systems guarantee perfect results, it is important to take additional precautions when necessary. Especially when dealing with sensitive data, the effective use of the shred command can greatly enhance data security.

References

Leave a Comment