Command - Securely Erase Files and Disks with shred


When you delete a file normally, the data is often not truly gone right away. The filesystem usually just marks the space as available, which means recovery tools may still be able to find old content. That matters when you are retiring a USB drive, removing logs with sensitive data, or cleaning up files that contain secrets, credentials, or private information.

One simple Unix tool for this job is shred. It repeatedly overwrites data before removing it, making casual recovery much harder.

What shred Does

shred is a command-line tool that overwrites files or devices with random-looking data and then optionally deletes them.

Important options:

  • -u
    Remove the file after overwriting it. Without this, the file remains on disk.

  • -n N
    Number of overwrite passes (GNU shred defaults to 3). More passes take longer.

  • -z
    Add a final pass of zeros to hide the fact that shredding took place.

  • -v
    Verbose output, useful for tracking progress.

  • -f
    Force permission changes if needed.

A few practical notes:

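  • shred is best for regular files and some removable media.
  • It is less reliable on SSDs (solid-state drives) because wear leveling can move data around internally, leaving old copies in blocks that shred never touches.
  • It is not a guarantee against advanced forensic recovery in all cases. shred assumes the filesystem overwrites data in place; journaling, copy-on-write, or snapshotting filesystems can keep older copies elsewhere.
  • For full-disk cleanup, use it only when you understand the storage type and the risks.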

Practical Examples

Securely erase a single file

shred -u -v secret-notes.txt

This overwrites the file and then deletes it.

Use multiple overwrite passes

shred -u -v -n 3 secret-notes.txt

This performs three overwrite passes before removal.

Add a final zero pass

shred -u -v -n 3 -z secret-notes.txt

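The final zero pass leaves the overwritten blocks filled with zeros instead of random-looking data, so the space looks like ordinary empty data rather than the result of shredding.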

Wipe a removable disk or partition

First, identify the device carefully:

lsblk

Then shred the device by name, for example:

sudo shred -v -n 1 -z /dev/sdb

Pointing shred at the whole device (/dev/sdb rather than a partition such as /dev/sdb1) overwrites everything on it, including the partition table. Be extremely careful: choosing the wrong device can destroy the wrong disk.

Safer approach for a mounted file system

Unmount the device first:

sudo umount /dev/sdb1

Then shred the partition:

sudo shred -v -n 1 -z /dev/sdb1
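
The device checks described above (identify the target with lsblk, unmount it first, be wary of flash storage) can be scripted as a pre-flight gate. This is an added example, not part of the original article; the function names, the constructed sample lsblk lines, and the policy of refusing non-removable or non-rotational devices are assumptions of this example.

```shell
#!/bin/sh
# Added example: pre-flight check to run before `shred` on a block device.
#
# preflight reads the output of
#     lsblk -rno NAME,RM,ROTA,TYPE,MOUNTPOINT /dev/X
# on stdin (first line = the target, later lines = its partitions) and
# prints one verdict line: OK, WARN or REFUSE.
preflight() {
    awk '
        NR == 1 { name = $1; rm = $2; rota = $3 }
        # A fifth field means this device or partition is mounted (or is swap).
        NF >= 5 { mounted = mounted " " $1 ":" $5 }
        END {
            if (NR == 0)       { print "REFUSE no such device"; exit }
            if (mounted != "") { print "REFUSE mounted:" mounted; exit }
            # Assumed policy: only removable media may be wiped this way.
            if (rm != 1)       { print "REFUSE " name " is not removable"; exit }
            # ROTA=0 means flash/SSD, where wear leveling can keep old blocks.
            if (rota != 1)     { print "WARN " name " is non-rotational; overwrite may miss remapped blocks"; exit }
            print "OK " name
        }'
}

# check_device /dev/sdX: succeeds only when the verdict is OK.
check_device() {
    verdict=$(lsblk -rno NAME,RM,ROTA,TYPE,MOUNTPOINT "$1" 2>/dev/null | preflight)
    echo "$verdict"
    case $verdict in
        OK*) return 0 ;;
        *)   return 1 ;;
    esac
}

# Constructed sample lsblk output (not taken from a real system).
SAMPLE_MOUNTED='sdb 1 1 disk 
sdb1 1 1 part /media/usb'
SAMPLE_UNMOUNTED='sdb 1 1 disk 
sdb1 1 1 part '
SAMPLE_INTERNAL='sda 0 1 disk '
SAMPLE_FLASH='sdc 1 0 disk '
```

Typical use: `check_device /dev/sdb && sudo shred -v -n 1 -z /dev/sdb`, so shred only runs when every check passes.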

Requirements

  • GNU coreutils package, which includes shred on most Linux systems
  • sudo privileges for raw disks and partitions
  • A Unix-like system such as Linux, BSD, or macOS with compatible tooling

Final Notes

Use shred when you need a simple overwrite-based cleanup tool for files or removable media. For modern SSDs, encrypted drives, or enterprise storage, device-specific secure erase methods may be more appropriate. Always verify the target device before running a destructive command.