Commands using shred (11)

  • This command securely erases all the unused blocks on a partition. The unused blocks are the "free space" on the partition. Some of these blocks will contain data from previously deleted files. You might want to use this if you are given access to an old computer and you do not know its provenance. The command could be used while booted from a LiveCD to clear freespace space on old HD. On modern Linux LiveCDs, the "ntfs-3g" system provides ReadWrite access to NTFS partitions thus enabling this method to also be used on Wind'ohs drives. NB depending on the size of the partition, this command could take a while to complete. Show Sample Output


    8
    # cd $partition; dd if=/dev/zero of=ShredUnusedBlocks bs=512M; shred -vzu ShredUnusedBlocks
    mpb · 2009-06-21 14:17:22 12
  • Instead, install apt-get install secure-delete and you can use: -- srm to delete file and directory on hard disk -- smem to delete file in RAM -- sfill to delete "free space" on hard disk -- sswap to delete all data from swap


    6
    shred -u -z -n 17 rubricasegreta.txt
    0disse0 · 2010-01-31 15:24:54 7

  • 6
    sudo shred -vz -n 0 /dev/sdb
    bugmenot · 2012-08-06 22:37:44 6
  • GNU shred is provided by the coreutils package on most Linux distribution (meaning, you probably have it installed already), and is capable of wiping a device to DoD standards. You can give shred any file to destroy, be it your shell history or a block device file (/dev/hdX, for IDE hard drive X, for example). Shred will overwrite the target 25 times by default, but 3 is enough to prevent most recovery, and 7 passes is enough for the US Department of Defense. Use the -n flag to specify the number of passes, and man shred for even more secure erasing fun. Note that shredding your shell history may not be terribly effective on devices with journaling filesystems, RAID copies or snapshot copies, but if you're wiping a single disk, none of that is a concern. Also, it takes quite a while :)


    5
    shred targetfile
    sud0er · 2009-04-28 19:57:43 9
  • remove file that has sensitive info safely. Overwrites it 33 times with zeros


    2
    shred -n33 -zx file; rm file
    copremesis · 2009-05-08 19:15:41 8
  • This command remove a file from your filesystem like the normal rm command but instead of deleting only the inode information this also delete the data that was stored on blocks /!\ warning this may be long for large files Show Sample Output


    1
    function rrm(){ for i in $*; do; if [ -f $i ]; then; echo "rrm - Processing $i"; shred --force --remove --zero --verbose $i; else; echo "Can't process $i"; type=$(stat "$1" -c %F); echo "File $i is $type"; fi; done;}
    thelan · 2010-06-10 22:40:27 8

  • 0
    shred -vzu /tmp/junk-file-to-be-shredded
    mpb · 2009-06-18 12:00:19 11
  • Make sure the file contents can't be retrieved if anyone gets ahold of your physical hard drive. With hard drive partition: gpg --default-recipient-self -o /path/to/encrypted_backup.gpg -e /dev/sdb1 && shred -z /dev/sdb1 WARNING/disclaimer: Be sure you... F&%k it--just don't try this.


    0
    gpg -e --default-recipient-self <SENSITIVE_FILE> && shred -zu "$_"
    h3xx · 2011-07-24 05:51:47 4
  • Instead of zeroing the filesystem, this command overwrites N times (default is 3) the disk content, making data recovery much harder. The command accepts many more options


    0
    shred --iterations=N /dev/sdaX
    bibe · 2012-01-23 20:40:36 9
  • Shred can be used to shred a given partition or an complete disk. This should insure that not data is left on your disk


    -2
    sudo shred -zn10 /dev/sda
    dcabanis · 2009-04-30 13:02:43 8

  • -5
    shred -v filename
    techie · 2013-05-07 14:58:17 7

What's this?

commandlinefu.com is the place to record those command-line gems that you return to again and again. That way others can gain from your CLI wisdom and you from theirs too. All commands can be commented on, discussed and voted up or down.

Share Your Commands


Check These Out

FizzBuzz in one line of Bash
The (in)famous "FizzBuzz" programming challenge, answered in a single line of Bash code. The "|column" part at the end merely formats the output a bit, so if "column" is not installed on your machine you can simply omit that part. Without "|column", the solution only uses 75 characters. The version below is expanded to multiple lines, with comments added. for i in {1..100} # Use i to loop from "1" to "100", inclusive. do ((i % 3)) && # If i is not divisible by 3... x= || # ...blank out x (yes, "x= " does that). Otherwise,... x=Fizz # ...set x to the string "Fizz". ((i % 5)) || # If i is not divisible by 5, skip (there's no "&&")... x+=Buzz # ...Otherwise, append (not set) the string "Buzz" to x. echo ${x:-$i} # Print x unless it is blanked out. Otherwise, print i. done | column # Wrap output into columns (not part of the test).

Minimize active window
Bind it to some shortcut key, using something like xbindkeys-config (if you do not have xbindkeys: apt-get install xbindkeys xbindkeys-config)

Add SVN keywords property to all PHP and Javascript files

View the current number of free/used inodes in a file system
tune2fs also provides the same information . But the information does not give the current usage , it gives the information when the file system was last mounted. http://www.zaman4linux.in/2010/10/using-up-all-the-free-inodes.html

Compress files found with find
tar options may change ;) c to compress into a tar file, z for gzip (j for bzip) man tar -print0 and -0t are usefull for names with spaces, \, etc.

Lists all listening ports together with the PID of the associated process
Lists all opened sockets (not only listeners), no DNS resolution (so it's fast), the process id and the user holding the socket. Previous samples were limiting to TCP too, this also lists UDP listeners.

grep processes list avoiding the grep itself
Trick to avoid the form: grep process | grep - v grep

Send a backup job to a remote tape drive on another machine over SSH
I use this all the time for taking manual backups of stuff i want to keep but not important enough to backup regularly.

Check if a machine is online
PING parameters c 1 limits to 1 pinging attempt q makes the command quiet (or silent mode) /dev/null 2>&1 is to remove the display && echo ONLINE is executed if previous command is successful (return value 0) || echo OFFLINE is executed otherwise (return value of 1 if unreachable or 2 if you're offline yourself). I personally use this command as an alias with a predefined machine name but there are at least 2 improvements that may be done. Asking for the machine name or IP Escaping the output so that it displays ONLINE in green and OFFLINE in red (for instance).

Use top to monitor only all processes with the same name fragment 'foo'
top accecpts a comma separated list of PIDs.


Stay in the loop…

Follow the Tweets.

Every new command is wrapped in a tweet and posted to Twitter. Following the stream is a great way of staying abreast of the latest commands. For the more discerning, there are Twitter accounts for commands that get a minimum of 3 and 10 votes - that way only the great commands get tweeted.

» http://twitter.com/commandlinefu
» http://twitter.com/commandlinefu3
» http://twitter.com/commandlinefu10

Subscribe to the feeds.

Use your favourite RSS aggregator to stay in touch with the latest commands. There are feeds mirroring the 3 Twitter streams as well as for virtually every other subset (users, tags, functions,…):

Subscribe to the feed for: