Wipe - Linux tool for erasing files
Posted: Wed 01 May 2019, 18:14
wipe is a cli-tool that is in most, if not all Linux repositories which will help you erase your sensitive files securely.
As root, open a terminal where your folder or files to erase are.
For a folder to erase : #wipe -r name-of-your-folder
For a file to erase : #wipe name-of-your-file
Files and folders are not just removed, they are overwritten numerous times, and become unretrievable by forensic investigation tools.
The best folder where to manage your sensitive files is temp folder.
Wiping a partition :
Randomize the drive/partition using a randomly-seeded AES cipher from OpenSSL.
As root :
#DEVICE="/dev/sdX"
#PASS=$(tr -cd '[:alnum:]' < /dev/urandom | head -c128)
#openssl enc -aes-256-ctr -pass pass:"$PASS" -nosalt </dev/zero | dd bs=64K ibs=64K of=$DEVICE status=progress
The command above creates a 128 byte encryption key seeded from /dev/urandom. AES-256 in CTR mode is used to encrypt /dev/zero's output with the urandom key. Utilizing the cipher instead of a pseudorandom source results in very high write speeds and the result is a device filled with AES ciphertext.
The block size is set to 64K above as it is usually faster than the default 512 bytes, and yields nearly optimal transfer rates across a range of hardware.
https://wiki.archlinux.org/index.php/Se ... ed_example
Further reading :
Secure Deletion on Solid-state Disks (SSDs), USB Flash Drives, and SD Cards
Due to the way SSDs, USB flash drives, and SD cards work, it is difficult, if not impossible, to securely delete both individual files and free space. As a result, your best bet in terms of protection is to use encryption. That way, even if the file is still on the disk, it will at least look like gibberish to anyone who gets ahold of it and can’t force you to decrypt it. At this point in time, we cannot provide a good general procedure that will definitely remove your data from an SSD.
https://ssd.eff.org/en/module/how-delet ... inux##SSDs
As root, open a terminal where your folder or files to erase are.
For a folder to erase : #wipe -r name-of-your-folder
For a file to erase : #wipe name-of-your-file
Files and folders are not just removed, they are overwritten numerous times, and become unretrievable by forensic investigation tools.
The best folder where to manage your sensitive files is temp folder.
Wiping a partition :
Randomize the drive/partition using a randomly-seeded AES cipher from OpenSSL.
As root :
#DEVICE="/dev/sdX"
#PASS=$(tr -cd '[:alnum:]' < /dev/urandom | head -c128)
#openssl enc -aes-256-ctr -pass pass:"$PASS" -nosalt </dev/zero | dd bs=64K ibs=64K of=$DEVICE status=progress
The command above creates a 128 byte encryption key seeded from /dev/urandom. AES-256 in CTR mode is used to encrypt /dev/zero's output with the urandom key. Utilizing the cipher instead of a pseudorandom source results in very high write speeds and the result is a device filled with AES ciphertext.
The block size is set to 64K above as it is usually faster than the default 512 bytes, and yields nearly optimal transfer rates across a range of hardware.
https://wiki.archlinux.org/index.php/Se ... ed_example
Further reading :
Secure Deletion on Solid-state Disks (SSDs), USB Flash Drives, and SD Cards
Due to the way SSDs, USB flash drives, and SD cards work, it is difficult, if not impossible, to securely delete both individual files and free space. As a result, your best bet in terms of protection is to use encryption. That way, even if the file is still on the disk, it will at least look like gibberish to anyone who gets ahold of it and can’t force you to decrypt it. At this point in time, we cannot provide a good general procedure that will definitely remove your data from an SSD.
https://ssd.eff.org/en/module/how-delet ... inux##SSDs
