3 Ways To Securely Erase A Hard Drive On Linux
Each time you re-install Linux and format your hard drive partitions, their data isn’t fully purged, meaning anyone who acquires an old hard drive that’s not adequately erased can recover sensitive data. Don’t worry, we’ll cover all of the best ways to erase a hard drive on Linux: everything from DD to Shred and even DBAN.
Note: Shred and DD require knowing what letter is assigned to the drive you want to erase. To find the drive letter, open a terminal and enter the lsblk command. The names it lists correspond to the hard drives.
Zeroing A Drive – DD
The most common method for securely erasing a Linux hard drive (aka zeroing) is the DD command. This method is slow, but because every Linux and Unix system comes with the DD tool pre-installed, it’s very accessible. That said, DD will not zero a drive currently in use, so you can’t just run DD over the top of your running Linux operating system. Instead, you’ll need to either unplug the hard drive and put it in another PC or load up a Linux live disk.
Assuming you’ve done one of these two things, here’s how to securely erase a Linux hard drive using DD:
Step 1: make sure the drive isn’t mounted. If it is mounted, unmount it using the file manager. Alternatively, use the umount command.
Note: replace X with the actual drive letter, and the Y with the partition number (e.g., /dev/sda1).
sudo umount /dev/sdXY -l
Step 2: overwrite the entire drive with DD.
sudo dd if=/dev/urandom of=/dev/sdX bs=10M
Using /dev/urandom to overwrite your entire hard drive (with random data rather than literal zeros) takes a very long time. The best way to use DD is to turn it on and let it run overnight. By the next day, everything should be good to go. You’ll know that the DD command is done when you can type in the terminal window again.
Using Shred
Another way to erase a hard drive is with the GNU Shred tool. Like DD, it’s included on all Linux distributions in some form. Unlike DD, it can delete both files and entire hard drives. This method is ideal if you want to erase parts of the hard drive, but maybe not the whole file system. Here’s how to delete files with shred:
shred -u file.odt photo1.png photo2.zip
or
find /path/to/folder/to/shred/ -type f -exec shred -u {} \;
Lastly, use the Shred tool to erase a hard drive by running this command.
Note: replace X with your drive letter (e.g. /dev/sda).
sudo shred -vfz /dev/sdX
Like DD, Shred takes a while. Best to run this tool overnight and let it delete everything. When the terminal can accept typing again, you’ll know it’s finished.
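The checks below are an added example, not part of the original article: a pre-flight test that nothing on the target is still mounted, and a post-wipe test that the final zero pass from shred -z covered every byte. The function names and the sample lsblk output are constructed for illustration, and the demo runs shred against a scratch file instead of a real /dev/sdX.

```sh
#!/bin/sh
# Added example: safety checks to run around the wipe commands above.

# Constructed sample of `lsblk -rno NAME,TYPE,MOUNTPOINT /dev/sdb` output.
sample_lsblk() {
    printf '%s\n' 'sdb disk ' 'sdb1 part /mnt/old' 'sdb2 part '
}

# Pre-flight: print every node that still has a mount point (or [SWAP]).
# Real use: lsblk -rno NAME,TYPE,MOUNTPOINT /dev/sdX | mounted_nodes
mounted_nodes() {
    awk 'NF >= 3 { print $1 }'
}

# Post-wipe: succeed only if every byte of a device or file is zero.
is_zeroed() (
    target=$1
    if [ -b "$target" ]; then
        size=$(blockdev --getsize64 "$target") || exit 2
    else
        size=$(wc -c < "$target") || exit 2
    fi
    [ "$size" -gt 0 ] || exit 2
    cmp -s -n "$size" "$target" /dev/zero
)

# Exercise shred on a scratch file standing in for /dev/sdX.
demo() (
    img=$(mktemp) || exit 1
    # Constructed "old data": 1 MiB of random bytes.
    dd if=/dev/urandom of="$img" bs=64k count=16 2>/dev/null
    rc=0
    if is_zeroed "$img"; then
        rc=1                      # unwiped image must not pass the check
    else
        { shred -fz "$img" && is_zeroed "$img"; } || rc=$?
    fi
    rm -f "$img"
    exit "$rc"
)

if demo; then echo "scratch image is all zeros after shred -fz"; fi
```

is_zeroed only applies after a zero pass such as shred -z; after the /dev/urandom DD command the drive holds random data, so the check is expected to fail there.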
Other Methods
If DD and Shred aren’t enough, consider the Darik’s Boot And Nuke (DBAN) tool. It’s a Linux-powered open source tool that deletes anything and everything connected to your PC, as long as it’s running. Using DBAN requires a USB live disk.
- Download the Etcher USB imaging tool, as well as the latest DBAN ISO image. The DBAN tool is only a 15 MB file, so most USB drives will work.
- When everything is downloaded, open the Etcher USB tool and use it to flash the DBAN ISO image to your USB drive.
- Restart your PC
- Be sure to enter your PC’s BIOS and change the boot order so that the USB key loads first. Note: disconnect any hard drives from your PC that you don’t want to erase. DBAN will delete absolutely everything connected to it.
- On the DBAN boot screen, enter “autonuke” into the prompt. This command will automatically nuke everything connected to the PC. So be very sure that every hard drive you want to save IS NOT CONNECTED, and that only ones you do wish to erase are connected. There is no way to undo this once it’s been done.
- Running autonuke will bring up the DBAN UI. It’ll scan for drives and erase them one at a time. This process takes a long time. You’ll know when DBAN is complete, as it will tell you on the screen. Best to just leave the tool running.
- After the erasing process completes, the screen will turn black and say “All selected disks have been wiped.” Press any key to continue with the tool to the end screen.
Depending on your Linux distribution and security needs, there are many ways to erase your hard drive. Some commands, such as wipe, may require installing through your package manager, so keep that in mind. There are also certain utilities you can install to do the trick. When in doubt, research your specific distro to expand your possibilities. Lastly, if you have highly sensitive data or you’re erasing your drive for your work, you may have sanitization standards you’re required to meet. NIST (National Institute of Standards and Technology) is a great resource for this.
Up to a point, your instructions are some of the clearest I have seen. But it seems the drive I want to delete has 3 partitions. Sda1, sda2, sda5. How do I deal with that?
Will eg: sudo shred -vfz /dev/sda wipe all the partitions?
I think it is important to make it clear to readers that shred fails to serve its purpose when it is used on journal filesystems — as indeed many of them now are, even by default. To not make this clear is likely to provide a false sense of security that the shredding has taken place at the file level, when in fact it isn’t the case.
The other point I would make is that the switches on the commands are not explained. For example, it doesn’t explain why you’ve used the -u switch on shred against a file and what the importance of this is, especially since when shredding the /dev/ device, you haven’t used it, but don’t tell readers why it is important to omit it in that case.