How-to Securely Delete Files on Linux

Learn to delete files securely with shred and BleachBit
Tagged in: linux sysadmin security

Did you know that files deleted from your computer aren't actually erased?

On computers, deleting files is a very common task, so it needs to be done as efficiently as possible. Deletion works by marking the file as deleted and its disk space as available for reuse. The file's data still exists until that space is overwritten, and it can be easily recovered with tools like TestDisk. For files containing private information it is better to completely erase the data from the disk.

WARNING: files deleted using the following methods CANNOT BE RECOVERED, so be careful!

The shred Command

On Linux, shred is a command provided by the GNU coreutils package. It can securely delete files by overwriting them with random data.

As an example, let's test shred on a file. To be safe we'll create one, although any file will do (just be sure it's backed up). In a terminal, let's create a file:

echo "this is some text" > test.txt
echo "here is some more" >> test.txt
echo "and even more here" >> test.txt
cat test.txt

Now let's try shredding the file:

shred test.txt
cat test.txt
[Image: shred-example.png. The results of running the shred command on a file.]

Absolute garbage, perfect! That means it's working: the random data written by shred has no meaning when output to the terminal.

You'll notice shred has not deleted the actual file, only overwritten its contents. This should be fine, as most confidential information exists primarily inside the file. However, if the filename itself contains confidential information, that can be overwritten as well:

shred -u my-ssn-123-45-6789.txt
# OR
shred --remove=wipe my-ssn-123-45-6789.txt

The shred(1) man page goes into more depth on the removal options:

Delete FILE(s) if --remove (-u) is specified. The default is not to remove the files because it is common to operate on device files like /dev/hda, and those files usually should not be removed. The optional HOW parameter indicates how to remove a directory entry: 'unlink' => use a standard unlink call. 'wipe' => also first obfuscate bytes in the name. 'wipesync' => also sync each obfuscated byte to disk. The default mode is 'wipesync', but note it can be expensive.
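To make the mechanism the man page describes concrete, here is an added Python illustration (my own code, not coreutils' implementation of shred) of the two steps: overwrite the file's bytes in place with random data and a final zero pass, then rename it to a same-length random name, unlink it and sync the directory. The function and file names are assumptions for the demo.

```python
import os
import tempfile

# Added illustration of what `shred` does (not coreutils' code): overwrite the
# bytes in place, then obfuscate the name and unlink. Caveat: on SSDs and on
# journaling/copy-on-write file systems this does not guarantee old blocks are gone.

def overwrite_in_place(path, passes=3, block=64 * 1024):
    """Overwrite the file's current bytes `passes` times with random data, then
    once with zeros (like `shred -z`), fsync'ing each pass; same size, same blocks."""
    size = os.path.getsize(path)
    fd = os.open(path, os.O_WRONLY)
    try:
        for p in range(passes + 1):
            os.lseek(fd, 0, os.SEEK_SET)
            left = size
            while left > 0:
                n = min(block, left)
                chunk = b"\x00" * n if p == passes else os.urandom(n)
                left -= os.write(fd, chunk)
            os.fsync(fd)  # flush this pass before starting the next
    finally:
        os.close(fd)
    return size

def wipe_name_and_unlink(path):
    """Approximate `--remove=wipesync`: rename to a random name of the same
    length so the old name leaves the directory entry, unlink, sync the dir."""
    d, name = os.path.split(os.path.abspath(path))
    new = os.path.join(d, os.urandom(len(name)).hex()[:len(name)])
    os.rename(path, new)
    os.unlink(new)
    dfd = os.open(d, os.O_RDONLY)
    os.fsync(dfd)
    os.close(dfd)

def demo():
    """Constructed check in a temp dir: raw file is all zeros after overwrite,
    and the path is gone after removal."""
    d = tempfile.mkdtemp()
    path = os.path.join(d, "my-ssn-123-45-6789.txt")  # constructed name
    with open(path, "wb") as f:
        f.write(b"this is some text\n")
    size = overwrite_in_place(path)
    with open(path, "rb") as f:
        leftover = f.read()
    wipe_name_and_unlink(path)
    gone = not os.path.exists(path)
    os.rmdir(d)
    return {"size": size, "zeroed": leftover == b"\x00" * size, "gone": gone}
```

Reading the file back after the overwrite is the same check as the `cat test.txt` above: the original text is no longer there, only the final pass of zeros.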

BleachBit

BleachBit is a tool for deleting unnecessary program files and caches. In addition to recovering disk space, BleachBit can securely delete these files if the Overwrite option is enabled in the preferences menu.

BleachBit is useful in that it auto-detects which software is installed on your computer and shows only the relevant cleaners, with a description of each option.

[Image: bleachbit.png]

Limitations of Overwriting on Modern Systems

On modern computers there is no way to guarantee that a file is completely erased. SSDs, journaling file systems (ext3/ext4) and copy-on-write file systems (btrfs/zfs) mean that a file's data may exist in any number of redundant copies, which overwriting the file in place does not touch. The only 100% secure option is a complete drive wipe with ATA Secure Erase.

In these cases the best alternative to secure deletion is full disk encryption. That way, even if file remnants remain on the disk, they will be unreadable to anyone without the password.