BestHub
Sign in
Information Security 7 min read

How to Permanently Erase Files on Linux: Master Shred, Wipe, and More

This guide explains why simply deleting files isn’t enough, then walks through six Linux command‑line tools—shred, wipe, secure‑delete (srm), sfill, sswap, and sdmem—detailing their options, installation steps, and usage to ensure data is permanently unrecoverable.

MaGe Linux Operations
MaGe Linux Operations
MaGe Linux Operations
How to Permanently Erase Files on Linux: Master Shred, Wipe, and More

In most cases we delete files using the Delete key, the trash, or the rm command, but this only hides the file; it remains somewhere on the disk and can be recovered by attackers.

If a file contains confidential data such as system usernames and passwords, an attacker with the necessary knowledge can easily recover the deleted copy and access those credentials.

This article explains several command‑line tools for permanently and securely deleting files on Linux.

1. shred – overwrite files to hide contents

shred overwrites a file to conceal its data and can also delete it. Various options control the number of passes, random data usage, and file removal. Use shred --help for a full list of options.

2. wipe – securely delete files on Linux

wipe securely erases files on magnetic storage so they cannot be recovered. First install the wipe tool, then run the appropriate command.

The following command destroys all files in the private directory.

When using the flags shown below, wipe works reliably on magnetic disks but not on SSDs.

Read the wipe manual for additional options.

3. secure‑delete (srm) – secure file removal

The secure-delete suite includes srm for securely deleting files and directories. Install it first.

After installation, use srm with the desired options.

Typical options are shown below.

Read the srm manual for more options.

4. sfill – secure free‑space eraser

sfill

is part of the secure‑deletion suite and overwrites free disk or inode space with random data from /dev/urandom. Example command on the root partition with verbose output:

If you have a separate /home partition, you can target a directory on that partition.

See the sfill manual for additional flags and limitations.

5. sswap – secure swap partition eraser

sswap

securely wipes data on a swap partition. Remember to unmount the swap partition first, otherwise the system may crash.

Identify the swap device with swapon, disable it with swapoff, then run sswap on the now‑inactive partition.

Read the sswap manual for more options.

6. sdmem – secure memory eraser

sdmem

securely erases data stored in RAM. It was originally named smem, but was renamed to avoid conflict with another Debian package.

Consult the sdmem manual for detailed usage.

secure deletiondata sanitizationshredwipe
MaGe Linux Operations
Written by

MaGe Linux Operations

Founded in 2009, MaGe Education is a top Chinese high‑end IT training brand. Its graduates earn 12K+ RMB salaries, and the school has trained tens of thousands of students. It offers high‑pay courses in Linux cloud operations, Python full‑stack, automation, data analysis, AI, and Go high‑concurrency architecture. Thanks to quality courses and a solid reputation, it has talent partnerships with numerous internet firms.

0 followers
Reader feedback

How this landed with the community

Sign in to like

Rate this article

Was this worth your time?

Sign in to rate
Discussion

0 Comments

Thoughtful readers leave field notes, pushback, and hard-won operational detail here.

Sign in to comment