4 Linux tools to erase your data | Opensource.com

4 Linux tools to erase your data

Erase data from your hard disk drive with these open source tools.

Tools in a cloud
Image by : 
Opensource.com
x

Subscribe now

Get the highlights in your inbox every week.

One of the best ways to keep your data secure is by only writing data to an encrypted hard drive. On a standard drive, it's possible to view data just by mounting the drive as if it were a thumb drive, and it's even possible to display and recover even deleted data with tools like Scalpel and Testdisk. But on an encrypted drive, data is unreadable without a decryption key (usually a passphrase you enter when mounting the drive.)

Encryption can be established when you install your OS, and some operating systems even make it possible to activate encryption any time after installation.

What do you do when you're selling a computer or replacing a drive that never got encrypted in the first place, though?

The next best thing to encrypting your data from the start is by erasing the data when you're finished with the drive.

Responsible caretaker

I'm frequently called on to help clients upgrade an old computer. Invariably, they're more than willing to help me recycle them so that they can be used by someone else. I'm happy to refurbish these older computers and refit them with a newer solid-state drive, dramatically improving performance.

However, it's not a good idea to just throw an old drive in the trash. It needs to be erased and then disposed of properly. Rather than leave the drives in the original computer, I remove them, place them in a drive enclosure, and connect them to my Linux computer. Several Linux utilities can easily accomplish this. One of them is the Gnu Shred tool.

GNU Shred

$ sudo shred -vfz /dev/sdX

Shred has many options:

  • n - the number of overwrites. The default is three.
  • u - overwrite and delete.
  • s - the number of bytes to shred.
  • v - show extended information.
  • f - force the change of permissions to allow writing if necessary.
  • z - add a final overwrite with zeros to hide shredding.

Use shred --help for more information

ShredOS

ShredOS is a live Linux distribution with the sole purpose of erasing the entire contents of a drive. It was developed after a similar distribution, called DBAN, was discontinued. It uses the nwipe application, which is a fork of DBAN's dwipe. You can make a bootable USB drive by downloading the 32 bit or 64 bit image and writing it to a drive with the dd command on Linux and macOS:

$ sudo dd if=shredos.img of=/dev/sdX bs=4M status=progress

Alternately, you can use the Etcher tool on Linux, macOS, and Windows.

The dd command

A common method for erasing drives is with the Linux dd command. Nearly every Linux installation comes with the dd utility installed. Make sure that the drive is not mounted.

$ sudo umount /dev/sdXY -l

If you want to write zeros over your entire target disk, issue the following command. It will probably be an overnight job.

$ sudo dd if=/dev/urandom of=/dev/sdX bs=10M

Warning: Be sure that you know where you are on your system and target the correct drive so that you don't accidentally erase your own data.

Nvme-cli

If your computer contains one of the newer NVMe drives, you can install the nvme-cli utilities and use the sanitize option to erase your drive.

The command nvme sanitize help command provides you with a list of sanitize options, which include the following:

  • --no-dealloc, -d - No deallocate after sanitize.
  • --oipbp, -i - Overwrite invert pattern between passes.
  • --owpass=, -n - Overwrite pass count.
  • --ause, -u - Allow unrestricted sanitize exit.
  • --sanact=, -a - Sanitize action.
  • --ovrpat=, -p - Overwrite pattern.

Here is the command I use:

$ sudo nvme sanitize /dev/nvme0nX

The same warnings apply here as with the format process: back up important data first because this command erases it!

Information management

The information you keep on your computer is important. It belongs to you and to know one else. When you're selling off a computer or disposing of a hard drive, make sure you've cleared it of your data with one of these great tools.

Command line prompt

The nvme-cli command has lots of useful options, and it's a great way to take control of how you manage your data.
computer servers processing data

Harden your Linux server in seven easy steps.
Lock

VeraCrypt offers open source file-encryption with cross-platform capabilities.

About the author

Don Watkins - Educator, entrepreneur, open source advocate, life long learner, Python teacher. M.A. in Educational Psychology, MSED in Educational Leadership, Linux system administrator, Follow me at @Don_Watkins .