shred - delete a file securely, first overwriting it to hide its contents
SYNOPSIS
DESCRIPTION
Overwrite the specified FILE(s) repeatedly, in order to make it harder for even very expensive hardware probing to recover the data.
Mandatory arguments to long options are mandatory for short options too.
- -f, --force
- change permissions to allow writing if necessary
- -n, --iterations= N
- Overwrite N times instead of the default (25)
- -s, --size= N
- shred this many bytes (suffixes like K, M, G accepted)
- -u, --remove
- truncate and remove file after overwriting
- -v, --verbose
- show progress
- -x, --exact
- do not round file sizes up to the next full block
- -z, --zero
- add a final overwrite with zeros to hide shredding
- -
- shred standard output
- --help
- display this help and exit
- --version
- output version information and exit
Delete FILE(s) if --remove (-u) is specified. The default is not to remove the files because it is common to operate on device files like /dev/hda, and those files usually should not be removed. When operating on regular files, most people use the --remove option.
CAUTION: Note that shred relies on a very important assumption: that the filesystem overwrites data in place. This is the traditional way to do things, but many modern filesystem designs do not satisfy this assumption. The following are examples of filesystems on which shred is not effective:
* log-structured or journaled filesystems, such as those supplied with
- AIX and Solaris (and JFS, ReiserFS, XFS, Ext3, etc.)
* filesystems that write redundant data and carry on even if some writes
- fail, such as RAID-based filesystems
* filesystems that make snapshots, such as Network Appliance's NFS server
* filesystems that cache in temporary locations, such as NFS
- version 3 clients
* compressed filesystems
In addition, file system backups and remote mirrors may contain copies of the file that cannot be removed, and that will allow a shredded file to be recovered later.
SEE ALSO
The full documentation for shred is maintained as a Texinfo manual. If the info and shred programs are properly installed at your site, the command
- info shred
should give you access to the complete manual.
. 是什么?
shred 是一个可以将你硬盘上的数据彻底清除杜绝恢复的工具. 它的基本原理是先往硬盘或
. 为什么?
昨天我离开原来的公司了, 需要把硬盘上的数据 "洗净", 避免别人可以通过一些数据恢复软件找回经意不经意间留下的敏感数据 (比如我的 QQ 聊天记录, 银行账号信息 - 谁知道 IE 有没有自作聪明给我存哪个旮旯里了).
假如某天你要把自己的机器 (尤其是硬盘), 也务必把硬盘 "洗" 一遍, 免得泄漏个人敏感信息.
. 怎么用?
随便找一张 linux 的启动盘/安装盘/Live CD (我用的是 FC4 的第一张安装盘), 光驱启动到命令行下 (FC4 的安装盘可以通过 boot: linux rescue 进入), 然后敲敲 shred --help, 如果有输出帮助, 那么说明有这工具, 我们可以开始 "洗" 盘了!
[!!! 注意 !!!] 确保你要留下的东西都备份好了, 或者你真的想这么干掉数据, 否则, shred 删掉的东西是无法找回的! shred 的目的就是为了让数据彻底毁灭而诞生的!! 删错东西了别哭噢!! [!!! 注意 !!!]
最简单最直接的 - 清掉整个硬盘里的数据 (假设你的硬盘是 /dev/hda): shred -vz -n 3 /dev/hda
v 表示输出运行时的信息; z 表示清除完毕之后往硬盘里填 0; -n 3 表示用随机数据把硬盘覆盖三次 (如果不指定的话, 默认是覆盖 25 次!)
如果要清某个分区, 比如象我 windows 的 C 盘对应的是 /dev/hda1, D 盘是 /dev/hda2, 我只想清这俩盘, 那就这样:
shred -vz -n 3 /dev/hda1 && shred -vz -n 3 /dev/hda2
然后你会看到 shred 会有 4 个 pass, 也就是把目标硬盘/分区刷四次, 其中前三次是用随机数据覆盖, 最后一次是填 0.
选择 -n 3 是考虑到付出与收获的平衡, 由于整个硬盘或分区一般都比较大, 如果默认覆盖个 25 次, 估计得用上你一天的时间, 如果你的电脑秘密服务于国家特殊机关, 那必要是就这么干吧...
以上是清硬盘清分区的做法, 我们还可以用它来彻底毁灭某个文件, 你只需把 /dev/hdaX 这样的设备文件换成你想干掉的文件就可以了 (这也是 *nix 的优雅之处 - 所有东西都是文件:), 例如:
shred -vz AmericanVideo.avi
覆盖它 25 次! 呵呵, 这就污渍油渍, 不留痕迹了 ;)
