2

as I am new Linux user I don't really know yet where's path to my disk, so therefore also I don't know how to wipe out data from it.

As I mentioned I would need something that will wipe out a hard disk, so I did a bit of googling and I found out that something like command shred will most likely suit me.

Now, I found out that this is syntax of command:

shred [OPTIONS] FILE [...]

So, I would probably run shred with these options:

shred -vfzu -n 25

Now back to my problem, I don't know what's the path of my hard drive, because I have exactly 4 sda parts in /dev/, and they are:

sda
sda1
sda2
sda5

So, my question here is which one of these should I even shred? And how can I know it's the right one?

str1ng
  • 145
  • sda1 is partition 1 on drive sda, sda2 partition 2 on drive sda etc.... It very much depends on what you want to shred and only you know that.... – Bruni Jun 07 '21 at 13:34
  • 1
    You should shred the whole drive (disk), that is /dev/sdx, where x is the device letter, in your case a. You should be very careful, because that drive letter may change, and if you get it wrong, you might destroy valuable data. - shred can do the job, but many people claim that it is overkill to overwrite several times. It is enough to overwrite with zeros once, which you can do with other tools, and it will be faster, and cause less wear of the hardware. You can use Disks alias gnome-disks or mkusb. – sudodus Jun 07 '21 at 13:40
  • @Bruni Ahh, alright gotcha... – str1ng Jun 07 '21 at 13:47
  • @sudodus So using shred would affect HDD? Thanks for info btw – str1ng Jun 07 '21 at 13:52
  • @str1ng, Shred will overwrite the data on the drive or partition, that you tell it to shred. And you get the best result, when you overwrite the whole disk (drive in linux terminology). – sudodus Jun 07 '21 at 13:56

3 Answers3

3

  • shred /dev/sda will shred the whole disk from the first to the last sector, so everything, including partition table will be erased.

  • shred /dev/sda1 will shred the first partition on the disk. This will destroy the filesystem in this partition, the partition table entry for this partition remains.

  • shred /dev/sda2 will shred the second partition on the disk. If this is an extended partition which acts as a container for sda5, then /dev/sda5 will be completely erased, but the partition table entry for /dev/sda2 remains.

  • shred /dev/sda5 will erase the contents of this partition, the partition itself will remain.

Of course, you will need root privileges, so use sudo or run as root. Very helpful might be a command like

lsblk -f

wich will give you sufficient information about your devices.

Since shredding the whole drive or a partition which is currently in use will most probably end with unwanted side effects, consider booting from USB.

mook765
  • 15,925
  • Thank you, this was super detailed and useful. Can you explain me more on how exactly does it affects HDD? – str1ng Jun 07 '21 at 13:55
  • We are writing to files here, but this files are not regular files like text files, this are files representing block-devices such as your HDD or the partitions on it. /dev/sda represents the diskspace from the first to the last sector. The others represent the partitons, disk-space from sector x to sector y as defined in the partition table (which resides in /dev/sda). So when you shred a partition, you only shred the content of the partition, but nothing changes in the partition table which is stored in the first sectors of /dev/sda. – mook765 Jun 07 '21 at 14:13
  • Ahhh, okay gotcha. – str1ng Jun 07 '21 at 14:40
3

General

All these actions should be performed when booted from another drive for example a USB drive.

You should erase the whole drive, that is /dev/sdx, where x is the device letter, in your case a. You should be very careful, because that drive letter may change, and if you get it wrong, you might destroy valuable data.

HDD and shred

shred can erase the data on a HDD, hard disk drive, but many people claim that it is overkill to overwrite several times. It is enough to overwrite with zeros once, which you can do with other tools, and it will be faster, and cause less wear of the hardware. You can use

  • Disks alias gnome-disks or
  • mkusb.

SSD (and HDD) connected via SATA or NVME

If you have an SSD connected via SATA or NVME, you should avoid using the tools above. Instead you should use the built-in tool to remap the links between the logical memory locations and physical memory cells. This can be done via the command line tool hdparm in Ubuntu. This works like advanced encryption, where the key is thrown away and is much faster and causes much less wear compared to overwritng.

A fairly new hard disk drive (HDD) connected via SATA can also be remapped using hdparm.

  • Lock the drive with hdparm and the option --security-set-pass

  • Erase the drive with hdparm and the option --security-erase

  • Unlock the drive with hdparm and the option --security-unlock

See man hdparm for more details.

SSD (and HDD) connected via USB

Warning: Using the built-in tool via hdparm is very risky and should be avoided, when the drive is connected via USB.

USB pendrive and memory card and other drives connected via USB

You can use

  • Disks alias gnome-disks or
  • mkusb

to wipe the whole device of a USB pendrive or memory card and other drives connected via USB.

  • A HDD connected via USB can also be wiped with shred as decribed above.
sudodus
  • 46,324
  • 5
  • 88
  • 152
0
  • sda is the entire disk
  • sda1 is the first partion of that disk and so on.
  • sdb is the second disk
  • sdb1 is the first partition of the second disk and so on.

To wipe the entire disk with all partiontions, use the entire disk - sda. To wipe a specific partition, specify the partiotion - for instance sda2.

Disk device names can differ on different systems.

Shred is an excellent tool but be warned, it is really easy for an unexperienced user to wipe the wrong partition or disk. If so you loose your data permanently.

BTW, 25 passes will take a long time to complete. I'd change that to 1 or two if it's not Top Secret information we are talking about.

For solid state drives (SDD) you should use the ATA secure erase function of the disk. This will erase the entire disk. The reason for not using shred is that modern SDD disks distributes disk writes over the entire disk in order to prolong the life of the disk. Sadly this means that it is hard to securely overwrite data.

Follow this guide in order to perform an ATA secure erase : ata.wiki.kernel.org

Level9
  • 347
  • Ohh alright, so if I want to delete everything I should just specify /dev/sda ... Well, in case I do use shred, I will certainly want to delete everything, I might change it to 5 passes with option to overwrite it with 0's ...

    Thanks!

     – str1ng Jun 07 '21 at 13:50