There are plenty of free and paid software available to recover the deleted data from a hard drive. You may not want your personal data to be recovered or you simply wants to make it harder to recover the data. Because, someone might recover and misuse the data for their own benefit. So, it is very important that you must remove all personal, official, or any kind of important data before selling or exchanging your old hard drive. This brief tutorial describes how to securely and permanently delete your data in Linux.
While there are many tools and methods are available to delete your important files or folders in Unix-like operating systems, we are going to see only one tool named "secure-delete". It provides four useful utilities that helps you to securely and permanently erase the data from your system, so that it would be very hard to recover those data by using any data recovery software.
A word of caution: Please remember that it is very hard to recover after deleting your files or folders using secure-delete. So, double check before using secure-delete utilities. Also, all of these are unnecessary and dangerous on SSD drives or other flash based media. SSDs store data differently from hard disk drives. I recommend you to use the manufacturer utilities to erase SSDs. For HDDs, this method will just work fine as described below.
secure-delete is available in the default repositories of DEB and RPM based systems.
In Debian, Ubuntu, Linux Mint, you can install secure-delete using command:
$ sudo apt-get install secure-delete
$ sudo dnf install secure-delete
$ yay -S secure-delete
Securely And Permanently Delete Your Data In Linux
Like I already mentioned, secure-delete package provides the following four utilities to securely erase file/folder, disk, swap, and memory of your Linux system.
- srm - secure remove
- sfill - Secure free disk and inode space wiper
- sswap - Secure swap wiper
- smem - secure erase memory
Let us discuss the usage of each command with examples.
srm is used to erase your files and folders securely and permanently, so the data can't be recovered by data recovery software, law enforcement or any other threats.
The typical syntax of this command is:
srm [-d] [-f] [-l] [-l] [-r] [-v] [-z] files
- -d - Ignore the two special dot files . and .. on the command line.
- -f - fast and insecure mode. no /dev/urandom, no synchronize mode.
- -l - lessens the security. If you use this option for second time, it lessens the security even more.
- -r - Recursive mode (Deletes all sub-directories and its contents).
- -v - Verbose mode.
- -z - Wipes the last write with zeros instead of random data.
srm usage is pretty same as rm command.
The following command will recursively delete a folder called ostechnix.
$ sudo srm -r ostechnix
And this one will delete a file called sk.txt.
$ sudo srm sk.txt
Please note that srm will not completely delete NFS shares (remote file systems), RAID systems, and swap file system.
sfill will scan the specified partition or directory and look for space marked as free or available. If there is any free space, it will fill it up with some random data ensuring that there are no more recoverable data on the specified partition.
The syntax for this command is:
sfill [-f] [-i] [-I] [-l] [-l] [-v] [-z] directory/mountpoint
The following command will fill some random data on the empty space in the /home partition.
$ sudo sfill /home
Swap partition can be used when the RAM is full. If the system needs more memory resources and the RAM is full, inactive pages in memory are moved to the swap space. To securely erase this data (inactive pages), you need sswap utility. As the name implies, sswap command will securely erase the data from swap partition.
The syntax of sswap command is:
sswap [-f] [-l] [-l] [-v] [-z] swapdevice
First, find the swap partition using command:
$ cat /proc/swaps
Sample output of the above command in my Arch Linux is:
Filename Type Size Used Priority /dev/sda3 partition 2097148 25144 -1
As you see above, my swap partition is /dev/sda3.
Disable swap partition using command:
$ sudo swapoff /dev/sda3
Now, securely wipe the swap partition's data with command:
$ sudo sswap /dev/sda3
After securely erasing the Swap partition's data, enable it back:
$ sudo swapon /dev/sda3
semem command is used to securely erase the contents of the RAM which contains the state of running programs.
The Syntax for the above command is:
smem [-f] [-l] [-l] [-v]
To securely clear the RAM which could contain any sensitive data of running programs, enter the following command:
$ sudo smem
You might want to protect some important files and directories from accidental deletion or modification. Here are the two simple ways to protect your important files from accidental deletion.