Home > File & Directory Management > shred

shred: Securely delete file contents

The shred command is used to securely delete file contents by overwriting them multiple times, making them unrecoverable. While regular file deletion may leave data recoverable, shred is useful when dealing with sensitive information.

Overview

shred overwrites file contents with random data multiple times and optionally deletes the file, making data recovery difficult. Be aware that its effectiveness may be limited on SSDs and journaling file systems.

Key Features

  • Overwrites file contents multiple times
  • Optionally deletes the file after overwriting
  • Prevents recovery of sensitive data
  • Can securely delete entire disk partitions

Key Options

Controlling Deletion Behavior

Generated command:

Try combining the commands.

Description:

`shred` Executes the command.

Combine the above options to virtually execute commands with AI.

Usage Examples

The shred command is irreversible once executed, so extreme caution should be exercised when using it.

Overwrite and delete a file

shred -u my_secret_file.txt

The most common usage: overwrite a file 3 times and then delete it.

Specify overwrite count and delete

shred -n 5 -u another_secret.doc

Overwrite a file 5 times and then delete it.

Zero out the last overwrite and delete

shred -z -u confidential_data.zip

Overwrite a file, fill the last overwrite pattern with zeros, and then delete it.

Delete with progress display

shred -v -u large_file.log

Overwrite and delete a file, showing detailed progress.

Securely delete an entire disk partition (EXTREMELY DANGEROUS)

sudo shred -v -n 3 /dev/sdb1

WARNING: This command will irrecoverably delete all data on the specified disk partition. It can render your system unbootable, so use it only when absolutely necessary and ensure you have identified the target device correctly.

Tips & Caveats

The shred command is powerful, but its effectiveness may be limited or behave unexpectedly in certain environments.

Limitations of shred

The effectiveness of shred may be limited in the following environments:

  • **SSDs and Journaling File Systems**: SSD wear-leveling features or journaling file systems like ext3/4 and XFS may write data to different physical locations, preventing shred from completely overwriting the original data.
  • **Network File Systems (NFS, SMB, etc.)**: On network file systems, shred might only operate on the client side and not overwrite the actual data on the server.
  • **Snapshot/Backup Systems**: If snapshot or backup features are in use, shred might delete the original data, but it could still exist in snapshots.
  • **Compressed File Systems**: Compressed file systems may not work effectively with shred due to how data is stored.

Alternatives

If you need to securely delete sensitive data in the environments mentioned above, encrypting the entire disk or physically destroying the disk might be safer options. Alternatively, you could consider using the `dd` command to overwrite the entire disk with `/dev/urandom`.

Caution: Cannot delete directories

shred is a tool for overwriting file contents, so it cannot directly delete directories. To delete files within a directory, you must run shred on each individual file.

Same category commands

basename

basename: Extract Filename from Path

basename-u

basename-u: Extracting Filenames (basename command)

basename-w

basename-w: Extract Filename from Path (Virtual)

cd

cd Command Guide: Basics of Directory Navigation

chattr

chattr: Change File Attributes